ecommerce-platform-audit-requirements
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its primary function is to ingest and analyze untrusted external data (e.g., platform URLs, architecture notes, and existing policies).
- Ingestion points: Untrusted data enters the context through user-provided platform URLs, app links, architecture notes, and existing policy documents (Privacy Notice, Terms) as specified in
SKILL.mdunder 'Required Inputs'. - Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore potentially malicious embedded content within the ingested policies.
- Capability inventory: No scripts, subprocess calls, or network operations are present within the skill's own files; it functions as a set of instructional prompts.
- Sanitization: No explicit sanitization or validation steps are defined for the external inputs before they are processed by the agent.
- [NO_CODE]: The skill is composed entirely of Markdown documentation (
SKILL.md) and reference files (audit-scope-and-standards.md,eac-data-protection-table.md,remediation-backlog-template.md). It contains no executable scripts (Python, JavaScript, shell) or configuration files that would perform automated actions, significantly reducing its attack surface.
Audit Metadata