sfd-analytics
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Performs network requests to the Zernio API at
https://zernio.com/api/v1. While these requests are necessary for the skill's primary function, the target domain is not within the standard whitelist for network activity. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes data from external sources to generate reports.
- Ingestion points: Post-level data retrieved via
GET /postsfrom the Zernio API and performance metrics provided manually by the user from Instagram Insights. - Boundary markers: The skill instructions do not utilize specific delimiters or instructions to help the agent distinguish between its core instructions and potentially malicious commands embedded in the retrieved content.
- Capability inventory: The agent has the capability to perform network requests to the Zernio API.
- Sanitization: There is no evidence of content validation, escaping, or filtering of the external data before it is used to generate pattern analysis and trajectory projections.
Audit Metadata