page-cro
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to analyze untrusted content from marketing and landing pages.
- Ingestion points: Marketing page copy and user-supplied audit data are processed in SKILL.md and the referenced Python scripts.
- Boundary markers: There are no explicit delimiters or instructions to the agent to disregard potential commands embedded within the analyzed text.
- Capability inventory: The skill executes local Python scripts (page_cro_scorer.py, headline_scorer.py, conversion_benchmark_calculator.py) for data analysis. It does not perform network operations or high-privilege system calls.
- Sanitization: The skill does not perform sanitization of external text inputs before processing.
Audit Metadata