competitor-alternatives
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Category 8: Indirect Prompt Injection] (INFO): The skill possesses a vulnerability surface for indirect prompt injection.
- Ingestion points: Reads from
.claude/product-marketing-context.md. - Boundary markers: Absent; instructions do not explicitly wrap or delimit the file content.
- Capability inventory: Limited to text generation and content structuring; no command execution or network capabilities were identified in
SKILL.md. - Sanitization: Absent.
- Severity Tier: INFO/LOW because the skill lacks write or execute permissions, minimizing the impact of any potential injection.
- [Category 4: Unverifiable Dependencies & RCE] (SAFE): No remote code execution or package installations detected.
- [Category 2: Data Exposure & Exfiltration] (SAFE): No sensitive file access or network communication patterns identified.
Audit Metadata