sku-rationalization-advisor
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process external data (SKU master lists, sales data), which creates a surface for indirect prompt injection. An attacker could potentially embed malicious instructions within data fields to influence the agent's analysis or output.
- Ingestion points: SKU master list, sales data, inventory data, and strategic item flags.
- Boundary markers: No explicit delimiters or instructions are provided to help the agent distinguish between data and system instructions.
- Capability inventory: The agent generates textual action recommendations and portfolio impact simulations.
- Sanitization: The methodology does not include steps for validating or sanitizing the input data for potential instruction content.
Audit Metadata