products-page-generator
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is configured to read project-specific marketing context files (.claude/product-marketing-context.md or .cursor/product-marketing-context.md). This behavior allows untrusted data to enter the agent context, creating a surface for indirect prompt injection.
- Ingestion points: The files are read during the assessment phase in SKILL.md.
- Boundary markers: No delimiters are present to separate the context file content from the agent's instructions.
- Capability inventory: The skill is restricted to content generation and metadata suggestions; it lacks capabilities for network communication, subprocess execution, or file writing.
- Sanitization: No sanitization or validation is performed on the ingested content.
Audit Metadata