product-marketing-context
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted data from the codebase.
- Ingestion points: The 'Auto-draft from codebase' step reads files such as README, landing pages, marketing copy, and package.json.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the processed files are provided.
- Capability inventory: The skill uses file read and write operations to generate and update the context document.
- Sanitization: There is no explicit sanitization of the content extracted from the project files.
- [NO_CODE]: The skill consists entirely of natural language instructions and does not include any executable scripts or binary files.
Audit Metadata