customer-journey-mapper
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests data from a
handoff_to_customer_journey_mapperblock and explicitly instructs the agent to treat this content as authoritative input. While this enables data transfer between skills, the lack of boundary markers or sanitization logic for this block represents a potential surface for indirect prompt injection from upstream data sources. - [REMOTE_CODE_EXECUTION]: The skill contains specific instructions for generating Python code using the matplotlib library to create emotion curve visualizations when producing Word documents. This runtime generation of plotting scripts is based on calculated scores and follows a predefined template for data visualization.
Audit Metadata