ai-sales-compensation

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is designed to process external, untrusted data which could contain embedded malicious instructions.
  • Ingestion points: Untrusted data enters the agent context via the materialText, materialFile (supporting .xlsx, .xls, .csv, .tsv), and materialUrl parameters as defined in references/form-schema.json.
  • Boundary markers: There are no explicit delimiters or system instructions present in the provided files to isolate user-provided data from the core logic or to warn the model to ignore embedded instructions.
  • Capability inventory: The scripts/run.py script performs network requests to the ai-skills.ai API to process the ingested data.
  • Sanitization: No sanitization, validation, or escaping of the external content is observed in the provided files before the data is transmitted for processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-sales-compensation