competitive-battlecard
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its dependency on external, untrusted data sources.
- Ingestion points: The skill uses web search to gather data from third-party sites (G2, Capterra, Reddit) and reads user-supplied files (win/loss data, feature lists) as specified in SKILL.md.
- Boundary markers: No explicit delimiters or safety instructions are provided to ensure the agent ignores potentially malicious commands embedded in the researched content or uploaded files.
- Capability inventory: Capabilities are limited to information synthesis and markdown text generation; no high-risk capabilities such as code execution, system-level file access, or unauthorized network exfiltration were detected.
- Sanitization: The skill lacks validation or filtering steps for the information retrieved from external sources before it is incorporated into the agent's processing context.
Audit Metadata