app-store
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- [NO_CODE]: The skill is entirely composed of Markdown files. No Python scripts, JavaScript files, or other executable binaries are present in the skill package.
- [PROMPT_INJECTION]: The skill architecture is susceptible to indirect prompt injection.
  - Ingestion points: The skill is designed to process external, untrusted data including App Store reviews and information retrieved via the `WebSearch` and `Read` tools during competitor analysis.
  - Boundary markers: The skill files do not provide any delimiters or specific instructions for the agent to distinguish between data and potential commands within the processed text.
  - Capability inventory: The skill includes access to powerful tools such as `Read`, `Write`, `Edit`, and `WebSearch`. If an attacker-controlled review or web page contains malicious instructions, the agent could be manipulated into performing unintended file or network operations.
  - Sanitization: There are no instructions for the agent to validate, sanitize, or filter external content before it is incorporated into the generation process.
Audit Metadata