product-tracking-design-tracking-plan
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill provides a structured framework for designing tracking plans through documentation and templates.
- [DATA_EXPOSURE]: No hardcoded credentials or sensitive file access patterns were found. The skill includes explicit guidance on avoiding PII (Personally Identifiable Information) in event properties, which is a security best practice.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns, package installations, or external script downloads were identified.
- [PROMPT_INJECTION]: The instructions do not contain markers for overriding system prompts or bypassing safety guidelines. The role-play elements are confined to the intended professional context of a telemetry engineer.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests local data (product models and current-state audits) to generate tracking plans, it does not possess exploitable capabilities like arbitrary command execution or external network calls that would elevate the risk beyond a low surface level.
Audit Metadata