launch-asset-packager

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill functions as an organizational manifest for marketing assets and does not exhibit any malicious patterns, obfuscation, or unauthorized data access.- [INDIRECT_PROMPT_INJECTION]: The skill identifies a potential injection surface when processing external asset lists and store exports, and it provides specific instructions for mitigation.
  • Ingestion points: Reads user-provided asset inventories, store console exports, and press-kit drafts as mentioned in the instructions.
  • Boundary markers: No specific delimiters are used to wrap the input data.
  • Capability inventory: The skill writes manifest data to the local project memory directory but does not execute external code.
  • Sanitization: Includes a clear instruction to treat all external exports as untrusted and to ignore any commands embedded within them.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — launch-asset-packager