battlecard-generator
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It retrieves and processes untrusted content from competitor websites and third-party review platforms like G2 and Capterra.
- Ingestion points: The skill fetches competitor homepages, pricing pages, and customer reviews using web_search and fetch_webpage tools as defined in Phase 1 of SKILL.md.
- Boundary markers: Absent. The skill instructions do not include delimiters or instructions for the agent to ignore potentially malicious commands embedded in the retrieved external data.
- Capability inventory: The agent has capabilities to perform web searches, fetch webpages, and write files to the local file system.
- Sanitization: Absent. There is no evidence of validation or filtering applied to external content before it is processed by the model.
- [COMMAND_EXECUTION]: The skill instructs the agent to perform file system operations by saving generated battlecards to a structured directory path: clients//product-marketing/battlecards/.
- [EXTERNAL_DOWNLOADS]: The skill utilizes web_search and fetch_webpage to retrieve data from various external, third-party domains during the competitor research phase.
Audit Metadata