customer-persona

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs users to install the 'belt' CLI tool and references installation documentation hosted on the 'inference-sh' GitHub organization.
  • [COMMAND_EXECUTION]: The skill executes 'belt' CLI commands to perform market research and generate AI images. These commands are executed within a restricted Bash environment as specified in the allowed-tools configuration.
  • [PROMPT_INJECTION]: The skill processes external content retrieved via search tools, which introduces a surface for indirect prompt injection.
      • Ingestion points: Data entering through 'tavily/search-assistant' and 'exa/search' in the research steps.
      • Boundary markers: Tool inputs use structured JSON schemas which help isolate data from instructions.
      • Capability inventory: The skill utilizes 'belt app run' for searching and image generation.
      • Sanitization: No specific sanitization or filtering of search results is defined in the instruction set.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 12, 2026, 10:26 PM