sales-pitch
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. 1. Ingestion points: It reads project-specific files (e.g., onboarding.md, positioning.md) and processes data from web searches (SKILL.md, lines 20-23, 53, 62). 2. Boundary markers: It lacks delimiters or instructions to ignore instructions found within external data. 3. Capability inventory: The agent can write to project files and perform web searches. 4. Sanitization: No validation or sanitization of ingested content is performed before processing.
Audit Metadata