sales-brief
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs standard business logic for sales analysis, ranking products by revenue and seasonality without any suspicious operations.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes data from external business tools. Analysis of the risk factors:
- Ingestion points: External data is retrieved from
~~платежи(ЮKassa, Tinkoff),~~бухгалтерия(1C, MoySklad), and~~crmsystems. - Boundary markers: While explicit data delimiters are absent, the skill includes a critical safety directive: "Never plan or publish content automatically," ensuring that output must be reviewed by a human.
- Capability inventory: The skill has access to
Bash,WebFetch, andReadtools. - Sanitization: No explicit sanitization or filtering of the ingested business data is performed prior to analysis.
- [DATA_EXFILTRATION]: No evidence of unauthorized data transmission or credential harvesting was found. The skill's primary function is to summarize internal data for the user.
Audit Metadata