product-marketing-context
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its 'Auto-draft from codebase' feature.
- Ingestion points: The agent reads multiple files within the local repository, including README, package.json, landing pages, and marketing copy (Step 2: Gather Information).
- Boundary markers: There are no explicit instructions or delimiters defined to ensure the agent treats the repository content strictly as data and ignores any embedded instructions.
- Capability inventory: The skill has the capability to read files from the local filesystem and write the resulting document to .claude/product-marketing-context.md.
- Sanitization: The skill does not implement any validation, filtering, or escaping of the content ingested from the codebase before processing it.
Audit Metadata