referral-program
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill uses standard role-play instructions ('You are an expert...') without any attempts to bypass safety filters or override system-level constraints.\n- [Data Exposure & Exfiltration] (SAFE): There are no commands for accessing sensitive system files or credentials. All content is static marketing advice.\n- [Remote Code Execution] (SAFE): No remote scripts, package installations, or dynamic code execution patterns are present.\n- [No Code] (SAFE): The skill contains no executable code files (.py, .js, .sh), only documentation and templates.\n- [Indirect Prompt Injection] (INFO): The skill references a local context file (
.claude/product-marketing-context.md). While this is an ingestion surface for external data, the skill possesses no capabilities (write operations, command execution) to exploit such an injection.
Audit Metadata