product-marketing-context
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its automated ingestion of repository content.
- Ingestion points: The skill reads local files including README, landing pages, marketing copy, and package.json to draft the context document.
- Boundary markers: No delimiters or protective instructions are used to distinguish ingested file content from the skill's operational instructions.
- Capability inventory: The skill is limited to reading files and writing to the .claude/ directory; it lacks network access, subprocess execution, or shell capabilities.
- Sanitization: There is no validation or filtering of the content read from the repository files.
- [COMMAND_EXECUTION]: No shell commands, subprocess spawning, or administrative permission requests were identified.
- [DATA_EXFILTRATION]: No network-enabled tools or operations that could transmit data to external servers were found.
- [EXTERNAL_DOWNLOADS]: The skill does not reference or download any external packages, scripts, or remote resources.
Audit Metadata