board-deck-preparation
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to process data from external business systems.
- Ingestion points: Financial and operational data extracted from BI, ERP, and CRM systems as described in the data collection step.
- Boundary markers: Absent; the instructions do not specify delimiters or markers to isolate ingested data from the agent's instructions.
- Capability inventory: Text generation, summary creation, and data visualization planning based on external inputs.
- Sanitization: No validation or sanitization logic is provided to filter potential instructions hidden in the data sources.
- [DATA_EXFILTRATION]: The skill manages sensitive corporate information including revenue, profit, and M&A activity. However, there are no network tools, curl commands, or scripts present to transmit this data to external or untrusted domains.
- [COMMAND_EXECUTION]: No shell commands, script generation, or system-level execution patterns were found in the skill content.
Audit Metadata