mkt-root-cause
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of instructional content for performing root cause analysis. It does not include scripts, binaries, or commands that could compromise system security.
- [INDIRECT_PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it is designed to ingest and process data from external files and web searches.
- Ingestion points: Data from
.agents/mkt/hypotheses.md, user-provided files (CSVs, reports, screenshots), and WebSearch results. - Boundary markers: Absent; there are no specific instructions to treat external data as untrusted or to wrap it in delimiters.
- Capability inventory: The skill is restricted to file read/write operations within the
.agents/mkt/directory and performing web searches. No high-risk capabilities like shell execution, dynamic code evaluation, or unauthorized network POST requests are present. - Sanitization: Absent; the skill does not specify any validation or filtering logic for the ingested data.
Audit Metadata