app-review-analyzer
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external content from app store reviews, which provides a surface for indirect prompt injection.
  - Ingestion points: The skill reads review text from public listings on apps.apple.com and play.google.com.
  - Boundary markers: There are no explicit instructions or delimiters used to separate user-provided reviews from the agent's core instructions.
  - Capability inventory: The agent uses the collected data to generate structured analysis reports and draft public responses.
  - Sanitization: The skill does not perform any filtering, escaping, or validation of the review text before analysis.