bonus-stack-builder
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface related to external data processing.
- Ingestion points: The workflow utilizes
web_searchto find product complaints and gaps (Step 1) and accepts user-supplied product metadata via the input schema. - Boundary markers: The instructions do not define boundary markers or clear separators (like XML tags or triple quotes) to encapsulate the external search results or user inputs, which could allow maliciously crafted data to influence the agent's behavior.
- Capability inventory: The skill is capable of performing web searches and generating marketing copy. It does not exhibit dangerous capabilities such as file-system modification or arbitrary command execution.
- Sanitization: There is no evidence of sanitization, filtering, or validation of the data retrieved from external sources before it is incorporated into the generation process.
Audit Metadata