ticket-triage
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes raw, untrusted data from customer support tickets, which creates an inherent surface for indirect prompt injection. A malicious user could attempt to include instructions within a ticket to influence how the agent classifies or routes the request.
- Ingestion points: The workflow in
SKILL.mddescribes ingesting raw subject lines, bodies, and customer metadata. - Boundary markers: There are no explicit instructions or delimiters defined to isolate the ticket content from the agent's logic.
- Capability inventory: The agent generates responses and determines routing paths for the tickets.
- Sanitization: The provided instructions do not mention sanitizing or validating the input text to prevent instructional hijacking.
- [NO_CODE]: This skill is composed entirely of markdown instructions and does not bundle any scripts, binaries, or configuration files that could execute code.
- [SAFE]: No evidence of malicious behavior, such as credential exposure, unauthorized network connections, or persistence mechanisms, was found in the analysis of the skill documentation.
Audit Metadata