competitive-intelligence

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill manifest grants access to the Bash tool. While intended for internal operations within the Product Org OS framework, the ability to execute shell commands provides a high-privilege execution environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its data processing workflows.
    • Ingestion points: The skill uses WebSearch and Read tools to aggregate competitor data and market trends from arbitrary external websites (SKILL.md).
    • Boundary markers: The instructions lack specific delimiters or system-level directives to isolate external content or ignore instructions embedded within retrieved data.
    • Capability inventory: The agent has access to Bash, Write, Edit, and Task tools, which could be leveraged if the agent inadvertently obeys malicious instructions found in web content (SKILL.md).
    • Sanitization: There are no defined validation or sanitization routines to filter untrusted content before it is processed by the model.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 05:57 PM