analytics-tracking
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructions advise the agent to read
.claude/product-marketing-context.mdto gain project-specific information. This ingestion of untrusted data represents a surface for indirect prompt injection. Ingestion points: .claude/product-marketing-context.md. Boundary markers: Absent. Capability inventory: The skill provides instructions and templates but does not contain direct code execution or tool-use definitions. Sanitization: No sanitization or validation of the context file content is specified.
Audit Metadata