product-guide
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The instructions are focused on product auditing heuristics. No patterns were found that attempt to bypass AI safety constraints or override system behavior.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive file paths, environment variables, or hardcoded credentials was detected. There are no network calls to external domains.
- [Obfuscation] (SAFE): All content is provided in clear, readable Markdown. No hidden characters, Base64 encoding, or URL masking techniques were used.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not reference any external Python or Node.js packages, nor does it attempt to download or execute remote scripts.
- [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted data (user-provided product logic and feature flows).
- Ingestion points: User-provided logic/flows processed during the audit phase.
- Boundary markers: None identified.
- Capability inventory: No dangerous tools (subprocess, file system, or network) are available to this skill.
- Sanitization: None identified, but the lack of capabilities prevents exploitation.
Audit Metadata