Skills
skills/xu-cell/ai-engineering-init/tenant-management/Gen Agent Trust Hub

tenant-management

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines patterns for programmatic isolation bypass and context switching, establishing a surface for indirect prompt injection.
  • Ingestion points: Developer or administrative queries related to cross-tenant data management and synchronization.
  • Boundary markers: Absent; the skill does not include instructions for the agent to enforce authorization boundaries before utilizing isolation-bypass methods.
  • Capability inventory: Methods such as ignore() and dynamic() allow the agent to circumvent database filters and access data across all tenants (SKILL.md, references/tenant-scenarios.md).
  • Sanitization: No input validation or permission checking logic is proposed for the tenant identifiers used in context-switching operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 10:12 AM