afrexai-competitive-intel
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown-based instructions and YAML data templates. There are no scripts, binaries, or executable components provided within the skill files.
- [SAFE]: No malicious patterns were detected. The skill does not attempt to access sensitive files, exfiltrate data, or bypass safety guidelines. All external links point to the author's documentation and related skills.
- [INDIRECT_PROMPT_INJECTION]: The skill defines workflows that ingest data from untrusted external sources, such as competitor websites and review platforms (G2, Capterra).
- Ingestion points: Phase 1 (Market Mapping) and Phase 2 (Product Teardown) involve reading external web content.
- Boundary markers: None present in the provided templates.
- Capability inventory: No internal script capabilities; relies on the agent's native tools (e.g., web search, browser).
- Sanitization: Not present in the templates. While this creates a surface for indirect prompt injection from malicious external sites, it is a functional requirement for competitive intelligence and is not a flaw in the skill's own logic.
Audit Metadata