aso-audit

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because its core functionality involves fetching and processing untrusted data from external web sources.
      • Ingestion points: The skill fetches live listing data from apps.apple.com and play.google.com using web tools and reads local project files such as .agents/product-marketing-context.md.
      • Boundary markers: There are no instructions in the skill to wrap the external data in delimiters or to instruct the agent to ignore any potential commands embedded within that data.
      • Capability inventory: The agent has the capability to fetch web content and take screenshots of external pages.
      • Sanitization: The skill does not provide instructions for sanitizing, validating, or filtering the content retrieved from the app store listings before processing it.
  • [SAFE]: No evidence of malicious behavior, obfuscation, hardcoded credentials, or unauthorized command execution was found in the skill's instructions or reference files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 04:39 PM