indexnow
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: No malicious intent, data exfiltration patterns, or hardcoded credentials were found within the skill documentation.- [NO_CODE]: The skill consists of markdown-based instructions and does not ship with any executable code or scripts.- [INDIRECT_PROMPT_INJECTION]: The skill creates an attack surface by instructing the agent to ingest data from untrusted local files which can influence subsequent actions.
- Ingestion points: Instructions direct the agent to read
.claude/product-marketing-context.mdand.cursor/product-marketing-context.md(SKILL.md). - Boundary markers: Absent; there are no delimiters or instructions to treat the ingested content as untrusted.
- Capability inventory: The skill recommends executing shell commands (
npm run build,npm run indexnow:all). - Sanitization: Absent; the skill lacks validation or escaping for data retrieved from context files.
Audit Metadata