onboarding

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from external websites that are not under the author's control.
      • Ingestion points: Data enters the context via the browser tool from Google News, BBC, Reuters, LinkedIn, and various government registries.
      • Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when handling content from external searches.
      • Capability inventory: The skill has capabilities to create and modify files, and generate Excel and PDF reports.
      • Sanitization: There is no evidence of sanitization or filtering of external content before it is processed into the audit logs and reports.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates searches across well-known news organizations and official regulatory bodies (such as the FCA, Companies House, and OFAC). These references to external services are legitimate and necessary for the skill's primary function of regulatory compliance.
  • [DATA_EXFILTRATION]: The skill is designed to process and store Personally Identifiable Information (PII), including passports, IDs, and financial backgrounds. This data is handled within the scope of generating internal reports and maintaining an audit trail as required by the described KYC process.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 01:28 PM
Security Audit — agent-trust-hub — onboarding