china-3c-marketing-copilot
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses a standard RAG (Retrieval-Augmented Generation) architecture with local Markdown files, presenting no risk to the execution environment.
- [SAFE]: The instructions and code examples follow best practices for secret management, specifically recommending the use of .env files and environment variables for managing API keys.
- [SAFE]: External dependencies are limited to well-known, reputable packages (pandas) used for standard data cleaning tasks.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes external CSV and Markdown data into LLM prompts. However, the skill includes built-in mitigations such as data schema validation, citation requirements, and a dedicated fact-checking sub-agent process.
- Ingestion points: External CSV review data (earphone_reviews.csv) and the local knowledge-base/ directory.
- Boundary markers: Data is interpolated directly into f-string prompts without explicit XML or delimiter tags.
- Capability inventory: Python-based data cleaning, JSON export, and regex text extraction.
- Sanitization: Includes structural validation of CSV columns and strict source attribution formatting requirements.
Audit Metadata