Skills
skills/ognjengt/founder-skills/cro-optimization/Gen Agent Trust Hub

cro-optimization

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOWPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • Prompt Injection (LOW): The skill processes untrusted external content, creating a vulnerability to indirect prompt injection where instructions in the analyzed page could influence the agent.
  • Ingestion points: Landing page content is retrieved via the WebFetch tool or accepted via $ARGUMENTS (File: SKILL.md, Step 3).
  • Boundary markers: Absent. No delimiters or 'ignore instructions' directives are used for the external data.
  • Capability inventory: The skill uses Read and WebFetch but does not include tools for arbitrary command execution or file system writing.
  • Sanitization: There is no evidence of sanitization or filtering of the fetched data before analysis.
  • Data Exfiltration (LOW): The skill uses WebFetch to access arbitrary, non-whitelisted domains to retrieve content for analysis (File: SKILL.md, Step 3).
Audit Metadata
Risk Level
LOW
Analyzed
Feb 15, 2026, 11:15 PM