actuarial-analyst
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes external insurance data, which establishes a surface for indirect prompt injection.
- Ingestion points: Data feeds for loss triangles, census records, and model inputs (SKILL.md, references/data_validation_and_model_io.md).
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions potentially embedded within these data sources.
- Capability inventory: The workflows utilize tool-based processing for SQL, R, and Python data manipulation.
- Sanitization: While the skill emphasizes data validation for accuracy and PII redaction, it lacks specific sanitization of external data against prompt injection attacks.
- [SAFE]: No other threats, such as direct prompt injection, hardcoded credentials, or unauthorized remote code execution, were detected in the skill contents.
Audit Metadata