gtm-icp
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from third-party websites during its research phase, creating a potential surface for indirect instructions. \n
- Ingestion points: Agent 1 and Agent 2 tasks in SKILL.md use WebSearch to mine language and behavior from G2, Reddit, and LinkedIn. \n
- Boundary markers: The prompts for these subagents do not currently use explicit delimiters or instructions to ignore embedded commands within the extracted web content. \n
- Capability inventory: The skill utilizes Read, Write, WebSearch, and Task (subagent) tools. \n
- Sanitization: No explicit content sanitization or escaping is performed on the data retrieved from external sources before it is processed by the subagents.
Audit Metadata