hotel-chains
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate reference data for travel planning and loyalty program management.
- [PROMPT_INJECTION]: The instructions include directive language such as 'No judgment call' and 'Just do it' to automate tool use for checking award rates. While these are forceful, they are aligned with the skill's primary purpose of travel automation and do not attempt to bypass core safety or ethical constraints.
- [DATA_EXFILTRATION]: The skill refers to accessing sensitive personal information, specifically AwardWallet balances. However, it only prescribes reading this data for user-facing comparison tasks and contains no instructions to exfiltrate this data to external or unauthorized domains.
- [PROMPT_INJECTION]: The skill ingests untrusted data via local JSON files (
data/hotel-chains.jsonanddata/sweet-spots.json). This creates a surface for indirect prompt injection; however, there is no evidence of actual malicious injection in the provided files, and the capability (checking hotel rates) is low-risk.
Audit Metadata