insurance-agent-gap-advisor

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill is designed to process highly sensitive information, including financial assets, family structures, and health history. To mitigate risks, the instructions explicitly mandate privacy protection measures such as PII desensitization in reports and an audit trail for data access.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from users (family profiles, policy lists, health records) and uses this data to generate recommendations via MCP tools and other skills. While it lacks explicit boundary markers to prevent the agent from following instructions embedded in that data, it implements a 'data source labeling' requirement ([User], [Standard], [Infer]) to ensure the provenance of every calculated figure is visible to the auditor.
  • [COMMAND_EXECUTION]: The package includes a local Python script scripts/validate_input.py for input validation. Analysis confirms it only performs basic JSON schema checks and does not spawn sub-processes or utilize unsanitized user input in dangerous sinks.
  • [SAFE]: The skill integrates with external resources that are consistent with the vendor's identity ('aliyun'), such as the DashScope API configuration. All tool calls and skill delegations are within the expected domain of insurance business operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 10:29 AM
Security Audit — agent-trust-hub — insurance-agent-gap-advisor