gtm-positioning
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities or malicious patterns were identified in the skill. The logic is consistent with its stated purpose of defining product positioning and strategic messaging.
- [PROMPT_INJECTION]: The instructions do not contain any bypass attempts, override commands, or role-play injection patterns.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No hardcoded credentials or sensitive file access patterns (e.g., SSH keys, ENV files) were detected. Network activity is limited to standard 'WebSearch' operations for market research.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute arbitrary scripts. The 'Task' tool is used for internal orchestration of sub-agents for research, which is a standard and controlled workflow.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests data from web searches, it does so within a structured synthesis process and does not present an exploitable vulnerability surface.
Audit Metadata