product-discovery
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or security vulnerabilities were detected. The skill provides purely instructional content for product management workflows.
- [NO_CODE]: The skill consists entirely of markdown documentation and does not include any scripts, executable code, or package dependencies.
- [DATA_EXPOSURE]: The instructions involve reading standard project artifacts (PRDs, feature requests, Slack threads) for context. There are no commands for accessing sensitive system files (e.g., .ssh, .aws) or hardcoded credentials.
- [COMMAND_EXECUTION]: The skill does not invoke any shell commands or subprocesses. It recommends writing a markdown research plan to the local filesystem in a designated 'thoughts/' directory, which is a benign operation.
- [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: Processes external text data such as PRDs, Slack threads, and customer feedback (SKILL.md).
- Boundary markers: None explicitly defined in the prompt template.
- Capability inventory: No risky capabilities (network, exec, eval, or administrative filesystem access) are utilized by this skill.
- Sanitization: Input data is not sanitized, but since the only output is a text-based research plan, there is no execution path for potential injections.
Audit Metadata