competitive-intelligence
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No malicious override commands or safety bypass patterns detected. Grounding instructions are standard for RAG-based skills.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, access to sensitive local paths, or network communication detected.
- Obfuscation (SAFE): All content is provided in plain-text markdown without any encoding, hidden characters, or homoglyphs.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not include any dependency manifests (package.json, requirements.txt) or commands to download/execute remote scripts.
- Privilege Escalation (SAFE): No commands related to system permissions or administrative access were found.
- Persistence Mechanisms (SAFE): No scripts or instructions for maintaining access or modifying system startup configurations are present.
- Metadata Poisoning (SAFE): Metadata fields are descriptive and match the intended functionality of the skill.
- Indirect Prompt Injection (SAFE): While the skill processes user-provided competitor information, it lacks any capability for file writes or network requests, neutralizing potential injection surfaces.
- Dynamic Execution (SAFE): No runtime code generation, compilation, or unsafe deserialization patterns are present.
Audit Metadata