product-marketing-context
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill performs its stated function of document management within the user's workspace.
- [PROMPT_INJECTION]: The skill ingests data from untrusted repository files (such as READMEs and marketing copy) to auto-draft content. While this creates a surface for indirect prompt injection, the risk is mitigated because the skill lacks dangerous capabilities such as network access, system command execution, or access to sensitive credentials.
- [DATA_EXFILTRATION]: The skill reads local project files and writes to a specific local configuration file (
.claude/product-marketing-context.md). No network operations, data exfiltration patterns, or attempts to access sensitive directories (e.g., .ssh, .aws) were identified.
Audit Metadata