Skills
skills/vivy-yi/finance-skills/kpi-data-tracking/Gen Agent Trust Hub

kpi-data-tracking

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes data from external business systems.
  • Ingestion points: Data is extracted from external business systems including BI, ERP, CRM, and SAP Concur as described in the extraction instructions.
  • Boundary markers: No explicit delimiters or instructions are used to isolate the ingested system data from the agent's instructions.
  • Capability inventory: The skill is primarily designed for data aggregation and report generation; no shell command execution or file system writes are defined in the provided markdown instructions.
  • Sanitization: No input validation or sanitization of the external business data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 02:26 AM
Security Audit — agent-trust-hub — kpi-data-tracking