Amazon Seller
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (such as buyer names, messages, and product listings) through interpolation in messaging and listing templates, which presents an indirect prompt injection surface.\n
- Ingestion points: Buyer communications and product metadata processed in the 'messaging_automation' and 'listing_template' sections of SKILL.md, as well as 'Product listings' and 'Order information' inputs defined in the frontmatter.\n
- Boundary markers: No explicit delimiters or 'ignore embedded instructions' warnings are present to separate untrusted data from agent instructions.\n
- Capability inventory: The skill utilizes powerful tools (amazon_sp_api, amazon_ads_api, amazon_inventory, amazon_orders) that allow the agent to perform data modification and network operations based on the processed inputs.\n
- Sanitization: The provided instructions do not include logic for sanitizing or validating external content before it is interpolated into templates.
Audit Metadata