analytics-tracking
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection via the ingestion of untrusted data from a local file.\n
- Ingestion points:
SKILL.mddirects the agent to read.claude/product-marketing-context.mdto establish business context.\n - Boundary markers: There are no specific delimiters or instructions to ignore embedded instructions within the ingested context file.\n
- Capability inventory: The skill is composed of markdown instructions and implementation templates; it does not include executable scripts with capabilities for subprocess execution, network operations, or file-system modifications.\n
- Sanitization: No sanitization or validation logic is applied to the content of the ingested file.\n- [EXTERNAL_DOWNLOADS]: The skill provides implementation guidelines that reference external resources from well-known technology providers.\n
- Evidence:
references/gtm-implementation.mdincludes a code snippet for the Facebook Pixel that fetches code fromhttps://connect.facebook.net/en_US/fbevents.js.
Audit Metadata