product-manager
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: Analysis of the skill body and referenced files shows no evidence of malicious code, obfuscation, or unauthorized data access. The skill operates entirely within the agent's conversational context.
- [NO_CODE]: The skill does not include any Python or Node.js scripts, relying solely on Markdown instructions and local template files.
- [DATA_EXFILTRATION]: No network-capable commands or sensitive file path access patterns are present. Examples involving services like SendGrid are placeholders and do not contain real credentials.
- [PROMPT_INJECTION]: The skill identifies user-provided documents as inputs for analysis. Ingestion points: 'Review' and 'Decompose' prompts in SKILL.md. Boundary markers: none. Capability inventory: no network, file-write, or subprocess capabilities. Sanitization: none. The lack of dangerous capabilities makes this risk minimal.
Audit Metadata