growth-ceo
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill reads external data from the user's project environment to formulate strategic advice and subsequently performs file-writing operations based on that analysis. This creates a potential vector where malicious content inside the analyzed files could attempt to manipulate the agent's instructions or the content it persists to disk.
- Ingestion points: The skill reads the codebase, README, and documentation during its 'Analyze' phase (SKILL.md).
- Boundary markers: There are no explicit delimiters or specific instructions for the agent to treat content from external files as untrusted or to ignore embedded instructions within them.
- Capability inventory: The skill has permission to use 'Write' and 'Edit' tools to save initiatives as markdown files (SKILL.md).
- Sanitization: The skill does not define any sanitization or validation logic for the external content it processes before using it to generate and save output files.
Audit Metadata