product-operations
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No malicious instructions, override attempts, or jailbreak patterns detected in any of the skill files.
- Data Exposure & Exfiltration (SAFE): No access to sensitive files, hardcoded credentials, or external network communication paths were identified.
- Remote Code Execution (SAFE): The skill consists entirely of Markdown and JSON metadata; no executable scripts, package dependencies, or remote download logic are present.
- Indirect Prompt Injection (LOW): 1. Ingestion points: User-provided organizational context and stakeholder data (defined in INTAKE.md). 2. Boundary markers: None explicitly defined in the provided templates. 3. Capability inventory: The skill is limited to generating Markdown text outputs; it has no system-level, subprocess, or network capabilities. 4. Sanitization: None observed. Because the skill lacks exploitable capabilities, the risk of indirect injection is negligible.
Audit Metadata