points-valuations
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions specify a maintenance routine to re-fetch data from external source URLs (referenced in the `_meta.sources` field of `data/points-valuations.json`) if the information is more than 45 days old. This ensures valuations for loyalty programs remain current.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting and processing data from external travel publications and local JSON files.
  - Ingestion points: Untrusted data enters the agent context through the local `data/points-valuations.json` file and any content fetched from the external source URLs defined within its metadata.
  - Boundary markers: There are no specific delimiters or instructions provided to separate the external data from the system's operational instructions, nor warnings to the agent to ignore instructions embedded in the fetched text.
  - Capability inventory: The skill operates within an environment where the agent can perform network requests, read local files, and execute multi-step logic based on the data retrieved (e.g., using the `transfer-bonuses` and `status-match` skills).
  - Sanitization: The skill does not describe any validation, filtering, or escaping of the content retrieved from external sources before it is processed by the agent.
- [COMMAND_EXECUTION]: The skill provides formulas and decision rules that imply the agent will use available tools to perform calculations and potentially execute network requests to verify live pricing at domains like `staralliance.com` or `statusmatch.com`.
Audit Metadata