competitive-positioning
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through its research functionality.
- Ingestion points: Data enters the agent context via
WebSearchandWebFetchwhen analyzing competitor websites and public review forums like G2 or Capterra. - Boundary markers: The skill does not implement delimiters or safety instructions to separate untrusted external data from its own core logic, which could lead to the agent following instructions found on a competitor's site.
- Capability inventory: The skill is granted access to file-writing tools (
Write,Edit) and network tools (WebFetch), increasing the potential risk if a successful injection occurs. - Sanitization: There is no evidence of content filtering or validation for external data before it is processed by the model.
Audit Metadata