skills/npow/claude-skills/gap-finder/Gen Agent Trust Hub

gap-finder

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE [PROMPT_INJECTION] [NO_CODE]
Full Analysis
  • [NO_CODE]: The skill consists exclusively of Markdown-based instructions and workflows. It does not contain any Python scripts, JavaScript files, or binary executables, which significantly limits its ability to perform unauthorized system operations.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its core function of retrieving and acting upon untrusted data from the open web.
      • Ingestion points: The skill performs extensive searches on Google, GitHub, Reddit, Stack Overflow, and various app stores to gather competitor data and verify user pain points (as defined in VALIDATION.md).
      • Boundary markers: The instructions lack specific delimiters or instructions to ignore potential adversarial commands embedded within the retrieved search results.
      • Capability inventory: The skill has the ability to write state information to 'gap-finder-state.md' in the current working directory and is instructed to parallelize validation tasks across other agents when possible (as noted in SKILL.md and VALIDATION.md).
      • Sanitization: There are no explicit requirements or steps for the agent to sanitize, escape, or validate the integrity of the data found in external forums or repositories before using it to make 'kill' or 'survive' decisions for project ideas.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 10:16 PM