screening
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a set of guidelines and a structured workflow for manual or batch screening against known compliance databases. It does not contain any executable scripts, command line operations, or network exfiltration patterns.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection via the processing of uploaded CSV files for batch screening. While no malicious behavior is present, processing untrusted external data could allow an attacker to embed instructions within the data fields. 1. Ingestion points: Batch screening process reads data from user-uploaded CSV files (SKILL.md). 2. Boundary markers: The skill does not define explicit delimiters or instructions to ignore embedded commands are defined in the skill instructions. 3. Capability inventory: The skill generates text-based reports and Excel files. No high-risk capabilities like shell execution or network requests are defined within the skill. 4. Sanitization: No sanitization or validation of the CSV content is specified.
Audit Metadata