credit-policy-analysis

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to the ingestion of data from external search results in SKILL.md (Step 0).\n- Ingestion points: Workflow Step 0 in SKILL.md fetches data via external_search.\n- Boundary markers: Absent; the skill does not use specific delimiters to isolate search content.\n- Capability inventory: No dangerous operations (subprocess, network exfiltration, or persistence) were found in the provided code or instructions.\n- Sanitization: Absent; the skill depends on the agent's instructions to verify sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 06:40 AM
Security Audit — agent-trust-hub — credit-policy-analysis