Competitor Tracker
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill outlines workflows (Workflow 2) for monitoring competitor websites, social media, and customer reviews, which involves processing untrusted external content. 1. Ingestion points: SKILL.md (Workflow 2). 2. Boundary markers: No delimiters or ignore-instructions are specified in the markdown. 3. Capability inventory: No custom scripts or tools are included; the skill relies on the agent's core capabilities. 4. Sanitization: No input validation or sanitization instructions are provided.
- [NO_CODE] (SAFE): This skill contains no Python, Node.js, or shell scripts, eliminating the possibility of direct remote code execution or persistence via the skill itself.
Audit Metadata