executive-summary
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it is designed to ingest and process untrusted external data (PDF, Markdown, DOCX) and tool outputs to generate executive summaries.
- Ingestion points: The skill accepts raw reports (10-50 pages) and data from other modules like
moai-financeandmoai-pmas seen in the 'Workflow' and 'Related Skills' sections. - Boundary markers: There are no explicit instructions or delimiters provided to the agent to treat ingested data as untrusted or to ignore any instructions embedded within the source documents.
- Capability inventory: The skill has the capability to trigger several file generation tools including
pdf-writer,docx-generator,pptx-designer, andhwpx-writerthrough its chainable workflow. - Sanitization: The instructions do not define any sanitization, filtering, or validation steps for the content of the reports being summarized.
- [EXTERNAL_DOWNLOADS]: The skill references a well-known industry analysis service (Mordor Intelligence) for market data citations. This is documented as a standard reference for the skill's intended business use case.
Audit Metadata