prd-v09-gtm-strategy
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill contains only Markdown instructions and templates for strategic planning. No code execution, file system access, or network calls are present.
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process data from previous workflow steps (e.g., PER- personas, CFD- value hypotheses). While this creates a theoretical surface for indirect prompt injection, the skill lacks the capabilities (like shell execution or network exfiltration) to be weaponized effectively.
- Ingestion points: References to PER-, CFD-, and BR- entries from earlier workflow versions.
- Boundary markers: None explicitly defined to separate untrusted data from instructions.
- Capability inventory: No executable scripts or system commands found; the skill only generates text output.
- Sanitization: No explicit sanitization or validation of the input data is described.
Audit Metadata