audience-research
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code or unauthorized data access patterns were identified. The skill correctly uses vendor-provided tools for its primary research functions.\n- [PROMPT_INJECTION]: The 'review mining' feature processes untrusted customer data, which constitutes an indirect prompt injection surface. This is a functional requirement for analyzing user-supplied feedback.\n
- Ingestion points: Customer reviews provided via text paste, file path, or external source (SKILL.md Phase 2b).\n
- Boundary markers: None specified to differentiate customer review content from the agent's internal instructions.\n
- Capability inventory: The skill uses Motion MCP tools to fetch demographic and performance data and the 'Read' tool to access local configuration files.\n
- Sanitization: No sanitization or validation of the input review text is mentioned.
Audit Metadata