intent-signal-aggregator-skill
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and analyze untrusted data from the web.
- Ingestion points: External job postings, news articles (e.g., TechCrunch), and company websites as specified in the intent signal categories.
- Boundary markers: The instructions lack explicit delimiters or instructions for the agent to ignore potential commands embedded within the analyzed content.
- Capability inventory: The skill performs file-write operations to the local filesystem at
~/.claude/skill-analytics/. - Sanitization: No content sanitization or validation steps are defined before the data is processed or included in the report.
Audit Metadata