competitive-analyst
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of natural language instructions and JSON data structures used for context management and progress tracking. It does not contain any executable scripts, shell commands, or external dependencies.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze external data such as customer feedback, social media presence, and customer reviews. While this establishes a surface for indirect prompt injection where untrusted data could contain instructions for the agent, the risk is inherent to the functional purpose of competitive analysis and no specific exploitable patterns were found in the static instructions.
- [DATA_EXPOSURE]: No hardcoded credentials, sensitive file paths, or data exfiltration patterns were detected. The skill operates within the agent's provided context and focuses on public competitive intelligence.
Audit Metadata