kyc-risk-rating
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional, providing a methodology for Anti-Money Laundering (AML) risk scoring based on FATF recommendations. It contains no executable scripts or code.
- [SAFE]: No instances of prompt injection, data exfiltration, or obfuscation were found. The 'NEVER DO THESE' section contains domain-specific safety guidelines rather than attempts to bypass AI safety filters.
- [SAFE]: Reference to external domains (fatf-gafi.org) is for informational use and does not involve automated downloads or execution of remote content.
- [SAFE]: While the skill defines a process for ingesting customer data (ID, Name, behaviors), it possesses no dangerous capabilities—such as network access, file system modifications, or shell execution—that could be exploited via indirect prompt injection.
- Ingestion points: Customer ID, Name, and behavioral indicators are ingested to generate the assessment (SKILL.md).
- Boundary markers: Absent; template placeholders like [Name] are used without delimiters.
- Capability inventory: None detected; no tools or scripts are referenced or used.
- Sanitization: None detected.
Audit Metadata