ai-products
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it processes untrusted external data.
- Ingestion points: Data is fetched from public sources including Product Hunt, Hacker News, GitHub RSS, and Techmeme (SKILL.md).
- Boundary markers: Absent. The workflow and TEMPLATE.md do not include delimiters or instructions to the agent to ignore potential commands embedded within the fetched product descriptions.
- Capability inventory: The skill possesses file system write capabilities and network fetching. It does not exhibit high-risk capabilities such as arbitrary command execution (eval/exec) or access to sensitive system credentials.
- Sanitization: Absent. The skill instructions do not specify any filtering, escaping, or validation of the content retrieved from external platforms before including it in the output digest.
Audit Metadata