guard-activate-onboarding
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructions explicitly encourage the ingestion and processing of untrusted external data sources, including CRM exports, meeting transcripts, and PDF documents (referenced in
references/input-rules.md). - Ingestion points: The skill accepts conversational dumps, Slack pastes, CRM tables, and PDF files.
- Boundary markers: There are no explicit instructions for the agent to treat this external content as untrusted or to use delimiters to prevent embedded instructions from being followed.
- Capability inventory: The skill is purely instructional and does not request access to shells, network tools, or sensitive local files.
- Sanitization: No sanitization or validation logic is defined for the external inputs.
Audit Metadata