product-marketing-context
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Detected an indirect prompt injection surface.
- Ingestion points: The skill reads external data from codebase files including README.md, landing pages, and marketing copy.
- Boundary markers: Absent. The instructions do not define delimiters or provide 'ignore embedded instructions' warnings for the data being read.
- Capability inventory: The skill writes a persistent markdown file to '.claude/product-marketing-context.md' which is intended to be consumed by other automated skills.
- Sanitization: Absent. No escaping or validation is applied to the content extracted from the repository files before it is used to draft the document.
- [NO_CODE] (SAFE): The skill is composed entirely of markdown instructions and does not include any executable scripts, binaries, or third-party package dependencies.
Audit Metadata