cold-email
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is composed entirely of instructional Markdown files (`SKILL.md` and several reference files). There are no shell scripts, Python files, or JavaScript files associated with the skill, eliminating risks related to command execution or runtime vulnerabilities.
- [DATA_EXPOSURE]: The skill references a local file `.claude/product-marketing-context.md` to gather task-specific context. This is a standard pattern for context-aware agents to personalize output based on local project data and does not involve accessing sensitive system directories, credentials, or environment variables.
- [REMOTE_CODE_EXECUTION]: No remote code patterns were detected. There are no calls to `curl`, `wget`, or package managers (`pip`, `npm`), and no external URLs are used to fetch executable content.
- [PROMPT_INJECTION]: The instructions focus on copywriting principles and frameworks. There are no attempts to override the underlying AI safety guardrails, disable filters, or extract system prompts.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests external data (user input and the marketing context file), it lacks the necessary capabilities (such as file writing, shell access, or network requests) to be exploited via indirect injection. The attack surface is limited to text generation within the current session.
Audit Metadata