insurance-underwriting-recording-inspection
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a local Python script
scripts/validate_input.pyto perform pre-execution checks on provided media file paths and validate product categories against a predefined list. - [EXTERNAL_DOWNLOADS]: The configuration in
requirements.txtspecifiesdashscopeandagentscope. These are official, versioned packages from the author's platform (Aliyun/Alibaba Cloud) used for AI model integration. - [PROMPT_INJECTION]: The skill processes untrusted external audio data that is converted to text and ingested into the agent's context for compliance analysis. This creates a surface for indirect prompt injection if the recording contains malicious instructions.
- Ingestion points: Audio/video files provided via
media_pathinSKILL.mdandscripts/validate_input.py. - Boundary markers: Absent; the instructions do not specify the use of structural delimiters (e.g., XML tags or unique separators) to isolate transcribed text from system instructions.
- Capability inventory: Uses
asr-servicefor transcription,compliance-kbfor knowledge retrieval, and local Python validation scripts. - Sanitization: The skill includes a 'Compliance Constraints' section explicitly requiring the desensitization of customer PII and financial information found within the recordings.
Audit Metadata