paywall-upgrade-cro
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No executable code, shell scripts, or binary files are present in the skill. The logic is entirely contained within descriptive Markdown instructions.
- DATA_EXPOSURE (INFO): The skill suggests reading a local configuration file (
.claude/product-marketing-context.md) to gain context. This is a standard practice for context-sharing in specific agent environments and does not involve unauthorized data access or exfiltration capabilities. - INDIRECT_PROMPT_INJECTION (INFO): Although the skill ingests external content from a local file, it lacks the necessary capabilities (such as file writing, command execution, or network requests) to be exploited via prompt injection. The risk is negligible as it is restricted to reasoning and text generation.
Audit Metadata