demo-review

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external content, creating a vulnerability to indirect prompt injection attacks.
      • Ingestion points: The agent retrieves data from external Video URLs (e.g., Loom, YouTube) and Website URLs, as well as the local 'company-profile.md' file.
      • Boundary markers: There are no specified delimiters or instructions used to isolate external content from the agent's primary instructions.
      • Capability inventory: The skill utilizes the agent's browser navigation and content analysis capabilities to evaluate external web experiences.
      • Sanitization: Content from external sources is not sanitized or validated before being analyzed by the agent.
  • [NO_CODE]: The skill consists entirely of instructions and does not include any executable scripts, binaries, or third-party code packages.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 7, 2026, 01:34 PM