Supplier Risk Monitor
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of markdown instructions and documentation. No executable code is included in the package.
- [PROMPT_INJECTION]: No direct prompt injection or bypass attempts were found. While the skill processes external signals which could present an indirect injection surface, it lacks any exploitable capabilities. Evidence Chain:
  1. Ingestion points: external_signals object in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: None. No subprocess calls, exec/eval, file-write, or network operations across the instructions.
  4. Sanitization: Absent.
- [DATA_EXFILTRATION]: The skill processes sensitive business data as input but contains no instructions or capabilities for network transmission or external data exfiltration.