competitive-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A thorough analysis of the skill's instructions and reference material revealed no security vulnerabilities, obfuscation, or malicious patterns.
- [DATA_EXFILTRATION]: The skill utilizes local context files (MEMORY.md and USER.md) for personalized analysis, but it does not perform any network operations or include tools for external data transmission.
- [COMMAND_EXECUTION]: There are no shell commands, scripts, or dynamic context injection patterns (e.g., !command) within the skill files.
- [PROMPT_INJECTION]: The instructions are focused on legitimate product management frameworks and do not contain language intended to override system safety or bypass instructions.
- [SAFE]: Regarding indirect prompt injection (Category 8) attack surface: Untrusted data may enter via MEMORY.md and USER.md (Ingestion points), and while boundary markers and sanitization are absent, the skill possesses no dangerous tools or network capabilities (Capability inventory: None), rendering the risk negligible.
Audit Metadata