ai-sales-compensation
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is designed to process external, untrusted data which could contain embedded malicious instructions.
- Ingestion points: Untrusted data enters the agent context via the
materialText,materialFile(supporting .xlsx, .xls, .csv, .tsv), andmaterialUrlparameters as defined inreferences/form-schema.json. - Boundary markers: There are no explicit delimiters or system instructions present in the provided files to isolate user-provided data from the core logic or to warn the model to ignore embedded instructions.
- Capability inventory: The
scripts/run.pyscript performs network requests to theai-skills.aiAPI to process the ingested data. - Sanitization: No sanitization, validation, or escaping of the external content is observed in the provided files before the data is transmitted for processing.
Audit Metadata