ugc-saas
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill's prompt templates (SKILL.md) rely on bracketed placeholders which are populated with untrusted user data. \n
- Ingestion points: User-provided values for placeholders like [PRODUCT], [AUDIENCE], and [PAIN POINT] in SKILL.md. \n
- Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are included in the templates. \n
- Capability inventory: No executable code, network operations, or file system access are present in the skill files. \n
- Sanitization: Absent; no validation or sanitization logic is defined for the input variables. \n- [NO_CODE]: The skill consists entirely of markdown documentation and contains no scripts, binaries, or automated tasks.
Audit Metadata