onboarding-cro
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of Markdown-formatted instructions and reference data for conversion rate optimization (CRO). There are no scripts, binaries, or configuration files that execute logic.
- [DATA_EXPOSURE]: The instructions prompt the agent to read a local file at '.claude/product-marketing-context.md' to gain context about the user's product. This is a standard pattern for context-aware agents and does not involve any external data transmission or exposure of sensitive system files.
- [PROMPT_INJECTION]: While the skill reads external data from a product context file, it lacks any high-risk capabilities (such as network access, file writing, or command execution) that could be exploited via indirect prompt injection. The output is limited to text-based recommendations and audits.
Audit Metadata