sbiz365-analyst
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external data from user-provided PDF reports, which creates an indirect prompt injection surface.
- Ingestion points: Content is extracted from external PDFs (Step 2 in
SKILL.md) to perform market analysis. - Boundary markers: There are no instructions to wrap extracted content in delimiters or provide 'ignore embedded instructions' warnings for the agent.
- Capability inventory: The skill utilizes
moai-office:docx-generatorto create persistent Word documents andai-slop-reviewerto modify content based on the analysis results. - Sanitization: No explicit sanitization or validation of the text extracted from the PDFs is defined before it influences the agent's reasoning or the final document generation.
- [COMMAND_EXECUTION]: The documentation in
references/report-template.mdincludes a hardcoded local filesystem path for saving reports (/Users/goos/Documents/Claude/Projects/상권분석/). Directing an agent to interact with specific user-named directories can lead to unintended filesystem access or errors if the agent's environment does not match the hardcoded template path.
Audit Metadata