competitor-profiling
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection due to the ingestion and processing of untrusted data from the open web.
  - Ingestion points: The skill uses `firecrawl_scrape` and `firecrawl_search` to pull raw content from competitor websites and third-party review platforms (e.g., G2, Capterra) into the agent's context for synthesis.
  - Boundary markers: Absent. The instructions do not define clear boundaries (such as XML tags or specific markdown delimiters) to separate scraped external content from the agent's core instructions, nor do they include warnings to ignore instructions found within the scraped data.
  - Capability inventory: The skill allows the agent to write files to the project root (`competitor-profiles/` directory) and perform additional network operations through Firecrawl and DataForSEO tools.
  - Sanitization: Absent. There is no evidence of filtering, validation, or sanitization of the scraped markdown before it is analyzed and used to generate the final profile documents.