discover-journey-map
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and process untrusted external data.
  - Ingestion points: The skill explicitly requests and processes external data including interview transcripts, survey results, customer support tickets, and analytics data as described in the 'Inputs' and 'Core principle' sections of SKILL.md.
  - Boundary markers: The instructions do not specify the use of clear delimiters or guardrail instructions to prevent the agent from following potential commands embedded within the research data.
  - Capability inventory: The skill's capabilities are limited to reading files (Read, Grep) and generating Markdown/Mermaid output. It lacks dangerous capabilities like network access, persistent storage, or arbitrary code execution, which mitigates the risk of successful exploitation.
  - Sanitization: There is no mention of input sanitization or validation for the research data before it is incorporated into the prompt context.
Audit Metadata