product-marketing-context
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Vulnerability to Indirect Prompt Injection (Category 8).
- Ingestion points: The skill reads untrusted data from the repository, specifically files like README, landing pages, marketing copy, and package.json.
- Boundary markers: Absent. The instructions do not provide delimiters or warnings to ignore instructions embedded in the ingested files.
- Capability inventory: The skill performs file-system read operations on the codebase and file-system write operations to the
.claude/directory. - Sanitization: Absent. There is no evidence of escaping or filtering content extracted from the files before it is processed by the LLM.
Audit Metadata