sk-competitors
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it ingests and processes untrusted data from various web platforms. \n
- Ingestion points: Phase 2 research waves (Sentiment Mining, Competitor Profiles, GTM Analysis) fetch content from external competitor websites, review platforms (G2, Capterra), and community forums (Reddit, Hacker News). \n
- Boundary markers: No explicit delimiters or instructions to ignore embedded directives are provided when processing external content. \n
- Capability inventory: The skill is capable of writing synthesized reports and battle cards to the local workspace and performing sequential web searches based on findings. \n
- Sanitization: The instructions do not specify any sanitization, validation, or escaping of the external data before it is incorporated into final reports. \n- [DATA_EXFILTRATION]: The skill performs network operations to non-whitelisted domains during its research phases, which can lead to the exposure of business-sensitive context. \n
- Evidence: Research agents query third-party domains and search engines using specific details about the user's business niche and problem statements extracted from session files (e.g.,
02-niches.md). While these domains are well-known services, the transmission of business strategy to external providers constitutes a potential data leakage vector.
Audit Metadata