product-showcase-page
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to automate the creation of marketing landing pages. It defines a template and a research process that results in static HTML and CSS. The instructions emphasize self-contained code without external dependencies, such as Google Fonts or icon libraries, which enhances privacy and performance.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection as it ingests data from external web searches (Step 1 in SKILL.md). Malicious content in search results could theoretically attempt to influence the generated page content.
- Ingestion points: Product data, features, pricing, and reviews gathered via the web_search tool.
- Boundary markers: The skill does not use specific boundary markers or instructions to ignore embedded commands within the searched content.
- Capability inventory: The agent has the capability to write the generated HTML and JavaScript to a local file ([product-slug]-showcase.html).
- Sanitization: The workflow includes a sanitization step where the agent is instructed to paraphrase or create representative examples for testimonials rather than copying them verbatim, which helps mitigate the risk of direct instruction injection from external sources.
Audit Metadata