legal-review
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze untrusted external data such as PRDs and strategy documents.
  - Ingestion points: Processes user-provided PRDs, product strategies, and data handling descriptions (SKILL.md).
  - Boundary markers: Absent. The templates do not define delimiters or instructions to ignore embedded commands in the processed data.
  - Capability inventory: None. The skill does not execute code, perform file-writes, or make network calls.
  - Sanitization: None provided in the instructions.
- [Prompt Injection] (SAFE): No malicious instructions, bypass attempts, or 'ignore previous instructions' patterns were found. The persona instructions are standard and professional.
- [Data Exposure & Exfiltration] (SAFE): No code is present; no network operations or sensitive file accesses are defined. It references organizational context files (CLAUDE.local.md), which is standard for workspace-aware agents.
- [No Code] (INFO): This is a markdown-only skill providing persona-based instructions. It does not include scripts or configurations that could execute commands.
Audit Metadata