product-marketing
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or security vulnerabilities were detected during the analysis. The skill's content is educational and template-driven.
- [NO_CODE]: The skill consists entirely of Markdown documentation and templates. It does not contain any executable scripts (Python, JavaScript, Bash) or binary files, significantly reducing the attack surface.
- [EXTERNAL_DOWNLOADS]: No suspicious external downloads or remote code execution patterns were found. The installation instruction in the README uses a standard command for the platform's skill management.
- [INDIRECT_PROMPT_INJECTION]: The skill defines several file patterns (e.g., page.tsx, layout.tsx, and documentation files) as context. While reading these files could theoretically expose the agent to instructions embedded in project content, the skill lacks any dangerous tools or executable capabilities that could be leveraged in an attack. Mandatory Evidence Chain:
- Ingestion points: Project source code and documentation files defined in the YAML frontmatter (e.g.,
src/app/**/page.tsx,docs/**/*.md). - Boundary markers: Absent.
- Capability inventory: No subprocesses, network operations, or file-write capabilities are defined in the skill.
- Sanitization: Absent.
Audit Metadata