referral-program
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A comprehensive review of the skill's markdown files and evaluation logic reveals no evidence of prompt injection, obfuscation, or malicious command execution. The content is strictly informational and advisory.
- [DATA_EXPOSURE]: The skill instructions include reading from local context files such as
.agents/product-marketing-context.md. These are project-specific configuration files used to maintain state and do not represent exposure of sensitive system credentials or private user data. - [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes data from external context files and user input. However, because the skill does not utilize high-risk tools (e.g., shell access, file writing, or network requests), the risk associated with this ingestion point is negligible.
Audit Metadata