growth-ceo
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill uses an extensive persona-based system ("Growth CEO") to provide strategic advice. Additionally, it presents a vulnerability surface for indirect prompt injection.
  - Ingestion points: The skill is instructed to read the codebase, README, and project documentation (SKILL.md, Workflow Step 1).
  - Boundary markers: Absent; there are no instructions to ignore or isolate commands that may be embedded in the analyzed data.
  - Capability inventory: The skill uses `Write` and `Edit` tools to persist initiatives as markdown files (SKILL.md, Workflow Step 3).
  - Sanitization: Absent; the skill does not filter or validate content ingested from the project files before processing.
- [COMMAND_EXECUTION]: The skill uses file system tools to perform project analysis and document generation.
  - Evidence: The `allowed-tools` section in SKILL.md includes `Read`, `Write`, `Edit`, `Glob`, and `Grep`.
- [DATA_EXFILTRATION]: The skill accesses sensitive project data including source code and internal documentation.
  - Evidence: Workflow Step 1 requires reading the entire codebase. While there is no direct network exfiltration, project secrets or sensitive logic could be inadvertently exposed in the generated initiative files.
Audit Metadata