customer-support
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it is designed to process untrusted data from customer support tickets. Ingestion points: The skill ingests data via '[paste customer message]' and '[paste tickets]' placeholders as seen in SKILL.md. Boundary markers: No specific delimiters or warnings to ignore embedded instructions are present. Capability inventory: The skill possesses no executable code, network access, or file-writing capabilities, which limits the potential impact of an injection. Sanitization: No input validation or sanitization of processed data is defined. This surface could be exploited by embedding malicious instructions within a ticket to influence the agent's classification or response output.
- [NO_CODE]: The skill consists entirely of natural language instructions and metadata. It does not include any Python packages, Node.js modules, shell scripts, or binary files.
Audit Metadata