direction-marketing
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill relies on reading and processing data from external files (e.g.,
.project/strategy/problem-definition.md). This creates a surface for indirect prompt injection if those files contain malicious instructions. - Ingestion points: User inputs during 'discovery' and existing files within the
.project/directory. - Boundary markers: The skill uses structured templates and explicit validation checklists to delimit content, though these do not fully prevent adversarial instructions.
- Capability inventory: The agents primarily perform text analysis and file writing/reading via the project structure.
- Sanitization: The workflow includes a mandatory 'Human Validation' step where a human review is required before final publication/usage, significantly mitigating the risk of automated exploitation.
- [COMMAND_EXECUTION]: The skill includes shell script snippets in
SKILL.mdand JavaScript files in thetests/directory. These are used for project governance and CI/CD validation (e.g., checking if a 'degraded mode' deadline has passed or verifying the existence of required marketing documents). The paths used in these scripts are protected against traversal attacks using normalized relative path checks.
Audit Metadata