product-led-growth
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill uses standard role-playing and grounding instructions to define a PLG Strategist persona. It directs the agent to prioritize specific reference files over generic knowledge, which is a common and safe practice for domain-specific agents. No malicious bypass or system override patterns were detected.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or network transmission commands are present. The skill does not interact with the host filesystem or the internet.
- [Remote Code Execution] (SAFE): The skill does not contain executable scripts or commands that download or run external code. It is a documentation-only skill.
- [Persistence & Privilege Escalation] (SAFE): The skill does not attempt to modify system configurations, shell profiles, or acquire elevated permissions (e.g., sudo).
- [Indirect Prompt Injection] (SAFE): While the skill is designed to process user-provided business strategy descriptions, it lacks any functional 'tools' (such as code execution, API calls, or web browsing) that could be exploited by malicious input embedded in user data.
Audit Metadata