behavioral-product-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No malicious prompt injection patterns were detected. The skill includes safety-positive instructions to refuse requests for creating 'dark patterns' or deceptive user interfaces.
- DATA_EXFILTRATION (SAFE): No network operations (such as curl or wget) or sensitive file path access (such as SSH keys or environment files) were found.
- REMOTE_CODE_EXECUTION (SAFE): The skill does not download or execute external scripts or packages. There are no remote code patterns present.
- COMMAND_EXECUTION (SAFE): No shell commands, subprocess spawning, or system-level operations are utilized in the skill.
- INDIRECT_PROMPT_INJECTION (LOW): The skill identifies a data ingestion surface where it processes user-provided research and product context. However, because the skill has no executable capabilities or external network access, the impact of a potential injection is limited to the content of the generated design document. The skill also includes a mandatory ethics checklist and boundary markers to mitigate risks.
- OBFUSCATION (SAFE): All content is provided in clear text without any encoding, hidden characters, or homoglyphs.
Audit Metadata