page-cro
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No security issues were detected. The skill is composed of natural language instructions and a reference markdown file that provide a structured approach to marketing analysis.
- Data Exposure (SAFE): The skill checks for a local file at
.claude/product-marketing-context.mdto gain product context. This is a common pattern for project-specific AI agents and does not involve accessing sensitive system files or exfiltrating data. - Indirect Prompt Injection (SAFE): The skill is designed to analyze marketing page content provided by the user, which acts as an ingestion point for untrusted data. However, there is no risk of harm as the skill does not have any 'capabilities' such as network access, file writing, or command execution. (Evidence: Ingestion point: Marketing page content; Boundary markers: None; Capability inventory: No dangerous tools; Sanitization: None).
Audit Metadata