signup-flow-cro
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override system prompts or bypass safety filters. The language is purely instructional for the intended CRO task.
- [Data Exposure & Exfiltration] (SAFE): There are no commands that access sensitive file paths, no hardcoded credentials, and no network operations present in the skill.
- [Remote Code Execution] (SAFE): The skill does not contain any code blocks, shell commands, or external script calls.
- [Obfuscation] (SAFE): No encoded strings, zero-width characters, or homoglyphs were detected.
- [Indirect Prompt Injection] (SAFE): While the skill is designed to analyze signup flows, it does not include mechanisms to automatically ingest untrusted external data (like scraping live URLs) or perform high-risk actions based on such data. It functions solely as a reasoning framework for the agent.
- [Persistence & Privilege Escalation] (SAFE): No commands for modifying system configuration, shell profiles, or acquiring elevated privileges were found.
Audit Metadata