product-marketing-context
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its automated repository analysis workflow.
- Ingestion points: The agent is directed in Step 2 to read files such as README, package.json, and other marketing documents to draft the context.
- Boundary markers: There are no explicit boundary markers or directives to the agent to treat the repository content strictly as data or to ignore embedded instructions.
- Capability inventory: The skill allows the agent to write the analyzed content back to the local filesystem at
.agents/product-marketing-context.md. - Sanitization: The skill does not include any validation or sanitization of the information extracted from the codebase before it is used to generate the final document.
Audit Metadata