customer-story-builder
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8) as it is designed to ingest and process untrusted external data such as customer interview transcripts, survey responses, and Slack messages. It lacks explicit boundary markers or instructions for the agent to disregard potential commands hidden within these inputs. 1. Ingestion points:
SKILL.md(Phase 0: Intake). 2. Boundary markers: Absent. 3. Capability inventory: File system write operations (Phase 4). 4. Sanitization: Absent. - [NO_CODE]: This skill consists entirely of natural language instructions and configuration metadata. It does not include any executable scripts, binaries, or third-party package dependencies.
Audit Metadata