competitor-tracking

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes shell commands using the GitHub CLI (gh) to retrieve repository metadata and search issues. These are standard commands for information gathering from a well-known service.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted external content.
      • Ingestion points: The skill identifies GitHub issues, social media mentions, and community forums as data sources (SKILL.md).
      • Boundary markers: There are no boundary markers or instructions to ignore embedded commands within the retrieved data.
      • Capability inventory: The skill uses the GitHub CLI (gh) for data retrieval (SKILL.md).
      • Sanitization: The skill does not implement sanitization or filtering for the external data it processes.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 02:26 PM