pre-visit-credit-analysis
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns such as prompt injection, obfuscation, or persistence mechanisms were detected. The skill's logic follows a legitimate business process for credit risk assessment.
- [DATA_EXPOSURE]: The skill explicitly defines and enforces data masking (de-identification) rules for sensitive information, such as replacing customer IDs, bank account numbers, and specific financial amounts with placeholders or range descriptions before including them in reports.
- [COMMAND_EXECUTION]: The skill executes a local Python script
scripts/validate_pre_visit.pyduring its initialization step (Step 0). Analysis of this script confirms it is benign, performing only basic input validation (regex and enum checks) using the Python standard library with no network or high-risk system calls. - [EXTERNAL_DOWNLOADS]: The skill references various Chinese enterprise data sources (e.g., QiChaCha, TianYanCha) and the vendor's own 'Bailian' web search service. These are documented as standard data sources for the intended financial use case and do not involve untrusted remote code execution.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from external web searches (public sentiment analysis). While this constitutes an ingestion surface for indirect prompt injection, the risk is mitigated by the skill's structured output requirements, data validation steps, and specific 'Gotchas' documentation that instructs the agent to verify signals across multiple sources.
Audit Metadata