product-manager-skill
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of local JavaScript scripts (e.g., scripts/openclaw-growth-engineer.mjs) via the Node.js runtime to perform analytics processing and GitHub issue automation.
- [EXTERNAL_DOWNLOADS]: The installation instructions direct users to run npx skills add Wotaso/ai-product-manager-skill, which downloads the skill contents from a remote repository.
- [PROMPT_INJECTION]: The skill processes external, potentially untrusted data sources, creating a surface for indirect prompt injection attacks. 1. Ingestion points: Ingests analytics summaries, revenue data, and error logs (e.g., analytics_summary.json, sentry_summary.json) provided as command-line arguments. 2. Boundary markers: No explicit delimiters or instructions are provided to separate these data inputs from the agent's core instructions. 3. Capability inventory: The skill has the capability to execute local Node.js scripts and perform network requests to the GitHub API for issue creation. 4. Sanitization: No content validation or sanitization of the input data is performed before it is processed by the AI model.
Audit Metadata