strategy-builder
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill's behavior is consistent with its stated purpose of marketing strategy generation.
- [PROMPT_INJECTION]: The skill uses instructional markers like 'IMPORTANT' and 'MUST READ', but these are used for task orchestration and workflow adherence rather than attempting to bypass safety guardrails or override system instructions.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill interacts with local market analysis data and writes to a specific project directory ('docs/knowledge/strategy/marketing/'). There are no network requests, credential leaks, or access to sensitive system paths.
- [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface in 'Step 1: Load Market Analysis' where it reads external market data. While no sanitization or boundary markers are explicitly defined, the risk is minimal given the skill's limited toolset (TaskCreate, Read, Write, Edit) which prevents execution of arbitrary system commands or exfiltration of sensitive files.
Audit Metadata