product-marketing-context
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it automatically reads and processes untrusted data from the local repository to 'auto-draft' marketing context.
  - Ingestion points: The skill reads README, package.json, landing pages, marketing copy, and other existing documentation files in the repository.
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when the agent reads these external files.
  - Capability inventory: The skill performs file read operations across the repository and file write operations to .agents/product-marketing-context.md.
  - Sanitization: There is no explicit sanitization or validation of the content read from the codebase before it is processed by the LLM.
Audit Metadata