competitor-price-tracker
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWNO_CODE
Full Analysis
- NO_CODE (SAFE): The file analyzed contains only markdown text and metadata. There are no shell scripts, Python/Node.js files, or configuration files that could execute commands or perform network operations.- Indirect Prompt Injection (LOW): The skill is designed to process data from external competitor websites. This creates a potential attack surface where malicious actors could hide instructions on web pages to influence the agent's behavior. However, because no implementation code (e.g., scraping tools or API calls) is included in the skill, this remains a theoretical risk inherent to the use case rather than a flaw in the provided content. Evidence: 1. Ingestion points: Competitor pricing pages mentioned in description. 2. Boundary markers: Absent. 3. Capability inventory: No tools or code provided. 4. Sanitization: Absent.
Audit Metadata