amazon-seasonal-planning

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests untrusted data from external sources (web search and user-provided product data) to formulate its response.
  • Ingestion points: Data enters the context via web_search for Amazon rules/dates and Google Trends for demand patterns.
  • Boundary markers: The instructions do not define clear delimiters or instructions to ignore embedded commands in the fetched data.
  • Capability inventory: The skill primarily performs text analysis and provides structured advice. It does not have access to sensitive file systems, credential stores, or shell execution tools.
  • Sanitization: No sanitization or validation of external search results is specified in the instructions.
  • [SAFE]: No obfuscation, remote code execution, persistence mechanisms, or credential harvesting patterns were detected. The skill uses standard business logic for Amazon selling workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 04:21 AM
Security Audit — agent-trust-hub — amazon-seasonal-planning