commerce-jtbd-persona
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (customer reviews and Q&A), creating a surface for indirect prompt injection where instructions hidden in the data might influence the agent's behavior.
- Ingestion points: Review and Q&A data from Naver Shopping, Cafe24, and user-provided screenshots or text files as described in the workflow sections of SKILL.md.
- Boundary markers: Absent. The skill does not instruct the agent to use delimiters or specific warnings to ignore potential instructions embedded within the customer-generated content.
- Capability inventory: The skill is focused on text processing and summarization; no dangerous capabilities such as file system writing, network requests to untrusted domains, or arbitrary code execution were identified.
- Sanitization: Absent. There are no procedures defined to sanitize or validate the content of the reviews before the agent processes them.
Audit Metadata