onboarding-cro
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructions to ingest data from external context files, which constitutes a vulnerability surface for indirect prompt injection.
- Ingestion points: The agent is directed to read from
.agents/product-marketing-context.mdand.claude/product-marketing-context.md. - Boundary markers: There are no defined delimiters or specific instructions provided to the agent to disregard potential instructions embedded within the ingested context files.
- Capability inventory: The skill files contain no subprocess executions, dynamic code evaluations (eval/exec), network requests, or file-system write operations.
- Sanitization: No sanitization, validation, or filtering of the content from the external context files is specified in the skill instructions.
Audit Metadata