lead-magnet-generator
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing business context and user requirements without adequate sanitization or boundary markers. Ingestion points: The skill reads
FOUNDER_CONTEXT.mdand user requirements from$ARGUMENTS. Boundary markers: No delimiters or instructions to ignore embedded commands are present in the generation prompts. Capability inventory: The agent uses aReadtool with directory traversal (../) to access files in sibling directories (e.g.,viral-hook-creator). Sanitization: No input validation or escaping is performed on the ingested data before it is processed. - [NO_CODE]: The provided skill files consist exclusively of markdown instructions and reference text, containing no executable scripts, binaries, or automated configuration files.
Audit Metadata