budget-variance-analysis
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interpolates data from external sources into its decision-making logic without safety boundaries.\n
- Ingestion points: Retrieves financial data (actuals, units, prices) from [ERP] and [BK] systems (mentioned in SKILL.md).\n
- Boundary markers: Absent. There are no delimiters or instructions provided to the agent to distinguish between data and commands in the external input.\n
- Capability inventory: Performs variance calculations, categorizes expenditure as 'strategic' or 'uncontrolled', and provides formal approval/rejection recommendations for budget overruns.\n
- Sanitization: Absent. No logic is present to validate or filter the contents of the external data before it is analyzed.\n- [DATA_EXFILTRATION]: The skill attempts to access
../../CLAUDE.md. Navigating to parent directories using relative paths is a pattern associated with data exposure, as it allows the skill to read files outside its designated local directory.
Audit Metadata