lead-magnet
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted user input and existing project data to generate executable HTML and Markdown content. \n- Ingestion points: The skill collects business details, audience information, and existing content from the user, and reads local files such as voice-profile.md and positioning.md from the brand-memory/ directory. \n- Boundary markers: There are no explicit delimiters or instructions to ignore potential injections within the ingested data during the generation process. \n- Capability inventory: The skill has the capability to write files to the local file system, including .html files containing client-side JavaScript and .md files. \n- Sanitization: No sanitization, escaping, or validation of external content is performed before interpolating it into the generated assets.
Audit Metadata