ecommerce-marketing-strategy-builder
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill instructions create an indirect prompt injection surface by requiring the agent to research external websites and competitor reviews.
- Ingestion points: Step 3 (Competitive Landscape) involves searching for and analyzing brand websites, pricing, and customer reviews from external platforms.
- Boundary markers: Absent; the workflow does not provide delimiters or instructions to treat external data as untrusted.
- Capability inventory: The skill is entirely prompt-based and does not contain scripts or tools for file system or network operations.
- Sanitization: Absent; no methods for escaping or validating external content are defined.
- [EXTERNAL_DOWNLOADS]: The skill provides installation instructions using the
npx skillsframework. - Evidence:
npx skills add nexscope-ai/eCommerce-Skills --skill ecommerce-marketing-strategy-builder -g - Details: This command fetches the skill definition from the author's official GitHub repository.
- [SAFE]: No obfuscated code, hidden instructions, or credential exposure were detected. All external resource links point to the author's verified GitHub repository and infrastructure.
Audit Metadata