blue-ocean-sourcing
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill provides strategic advice on product viability and factory vetting by referencing local markdown files.
- [NO_CODE]: Although referenced in the core instructions, the file scripts/margin_calculator.py is empty and contains no executable logic.
- [SAFE]: The skill includes links to the vendor's official website (rijoy.ai) for additional service context, which is consistent with the skill's purpose and author.
- [SAFE]: The skill possesses an indirect prompt injection surface through the ingestion of user product descriptions in SKILL.md. No specific boundary markers or sanitization logic are present to delimit untrusted input. However, the capability inventory is limited to reading internal markdown files and calling an empty script, with no network or system access, rendering the risk negligible.
Audit Metadata