attribution-reconciler
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious code, obfuscated content, or unauthorized command execution patterns were found in the skill documentation or instructions.
- [PROMPT_INJECTION]: The skill proactively mitigates indirect prompt injection risks by including a mandatory instruction to treat all external data as untrusted. It specifies that any text inside an export must be treated as data for reconciliation and never as an instruction to the agent.
- [DATA_EXFILTRATION]: While the skill processes sensitive marketing and transaction data (order IDs, conversion values), it does so using local file operations and agent memory. There are no network requests or external data transfer mechanisms identified that would indicate a risk of data exfiltration.
Audit Metadata