homepage-generator
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill instructs the agent to read project context files (
.claude/project-context.mdor.cursor/project-context.md). This is a legitimate functional requirement for gathering business context to improve content generation and does not involve accessing sensitive system credentials or private keys. - [PROMPT_INJECTION]: The skill processes untrusted data from the local filesystem (
project-context.md), which represents an indirect prompt injection surface. An attacker who can modify these files could potentially influence the agent's output. However, the skill does not possess dangerous capabilities like arbitrary command execution or network exfiltration, limiting the impact of such an injection.
Audit Metadata