ecommerce-platform-audit-requirements

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its primary function is to ingest and analyze untrusted external data (e.g., platform URLs, architecture notes, and existing policies).
  • Ingestion points: Untrusted data enters the context through user-provided platform URLs, app links, architecture notes, and existing policy documents (Privacy Notice, Terms) as specified in SKILL.md under 'Required Inputs'.
  • Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore potentially malicious embedded content within the ingested policies.
  • Capability inventory: No scripts, subprocess calls, or network operations are present within the skill's own files; it functions as a set of instructional prompts.
  • Sanitization: No explicit sanitization or validation steps are defined for the external inputs before they are processed by the agent.
  • [NO_CODE]: The skill is composed entirely of Markdown documentation (SKILL.md) and reference files (audit-scope-and-standards.md, eac-data-protection-table.md, remediation-backlog-template.md). It contains no executable scripts (Python, JavaScript, shell) or configuration files that would perform automated actions, significantly reducing its attack surface.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 04:57 PM
Security Audit — agent-trust-hub — ecommerce-platform-audit-requirements