huchenfeng-perspective
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an Indirect Prompt Injection surface (Category 8) by requiring the agent to ingest and process untrusted user data—specifically sensitive demographic and financial details—to drive its internal classification and 'qualifying' logic. This creates a surface where user-supplied content could potentially influence the agent's behavior.
- Ingestion points: Demographic and income data requested in the 'Check Household Registration' (查户口) phase in
SKILL.md. - Boundary markers: Absent; there are no delimiters or 'ignore embedded instructions' warnings for the data gathered from the user.
- Capability inventory: No subprocess calls, file-write operations, or network exfiltration capabilities were identified across the skill's scripts and instructions.
- Sanitization: Absent; user responses are interpolated directly into the persona's qualitative analysis framework without validation or filtering.
Audit Metadata