Skills
skills/affitor/affiliate-skills/category-designer/Gen Agent Trust Hub

category-designer

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [NO_CODE]: The skill consists entirely of markdown instructions and YAML configuration metadata. No executable scripts, binaries, or code files are included in the package.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted user-provided content which is then used to drive agent capabilities.
  • Ingestion points: The product and competitors fields in the Input Schema in SKILL.md accept arbitrary user text.
  • Boundary markers: Absent. There are no delimiters or specific instructions for the agent to ignore potentially malicious directions embedded in the product description.
  • Capability inventory: The skill utilizes the web_search capability in Step 1 to analyze the market based on the user's input.
  • Sanitization: Absent. The skill does not validate, escape, or filter the user input before it is used in the workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 07:32 AM