voice-of-customer
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill extracts product categories, competitor lists, and audience segments from local files such as
customer-insight.mdandcompetitive-intel.mdand transmits them to the Perplexity AI search tool. This transfer is necessary for generating relevant research queries and aligns with the skill's stated purpose without exposing sensitive credentials or private system files.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface typical of research-oriented agents.\n - Ingestion points: Web content and customer quotes are retrieved from external online communities via the
perplexity_asktool.\n - Boundary markers: Customer phrases are stored within quotation marks in the output markdown file, but the skill lacks explicit logic to sanitize or ignore commands that might be embedded within the gathered text.\n
- Capability inventory: The skill writes retrieved data to
research-memory/customer-language.md, which is intended for ingestion by other copywriting and SEO skills in the agent ecosystem.\n - Sanitization: No automated sanitization or instruction-filtering of the retrieved strings is performed.
Audit Metadata