paywall-upgrade-cro
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW / SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill defines a data ingestion surface that could be used to influence agent behavior if the source file contains malicious instructions.
  - Ingestion points: .claude/product-marketing-context.md (referenced in SKILL.md).
  - Boundary markers: Absent.
  - Capability inventory: Text generation and reasoning only. No subprocess calls, remote execution, file-write, or network operations found.
  - Sanitization: Absent; the skill reads the context file directly into the agent context.
- Data Exposure (INFO): The skill requests sensitive business metrics (conversion rates, revenue per user, pricing models) in its assessment questions. While standard for CRO tasks, this represents the processing of sensitive business data.