cro-methodology
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Category 1: Prompt Injection] (SAFE): No patterns of instruction override, role-play injection, or system prompt extraction were found. The instructional text is focused entirely on the conversion optimization methodology.
- [Category 2: Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. An affiliate link to Amazon is present in the further reading section but constitutes documentation, not executable code.
- [Category 3: Obfuscation] (SAFE): No Base64, zero-width characters, or other encoding techniques were used to hide content.
- [Category 4: Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not include any scripts, package configuration files (like package.json or requirements.txt), or remote download commands.
- [Category 8: Indirect Prompt Injection] (SAFE): While the skill is intended to analyze user-provided data (websites/copy), it lacks any executable capabilities—such as file writing, network requests, or command execution—that could be leveraged by a malicious input to cause harm.
- [Category 10: Dynamic Execution] (SAFE): No runtime compilation, library injection, or dynamic loading of code occurs as the skill contains only static content.
Audit Metadata