launch-registry
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions do not contain malicious code, obfuscation, or persistence mechanisms.
- [PROMPT_INJECTION]: The skill correctly identifies the risk of indirect prompt injection from untrusted input (e.g., launch plans or candidate files). It mitigates this by instructing the agent to treat data as untrusted and to verify lifecycle stage claims (like 'GA') against public evidence such as live URLs. Ingestion points include
memory/launch-registry/candidates.mdand user input. - [EXTERNAL_DOWNLOADS]: The skill references the author's repository at
github.com/aaron-he-zhu/aaron-marketing-skills. This is a vendor-owned resource used for documentation and is considered safe.
Audit Metadata