benchmark-methodology
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists exclusively of markdown text providing instructions and scoring rubrics. No code, scripts, or automation logic are included in the skill content.
- [INDIRECT_PROMPT_INJECTION]: The benchmarking methodology involves the agent visiting and analyzing untrusted external content, such as competitor websites, LinkedIn profiles, and review directories.
- Ingestion points: Competitor sites, LinkedIn, and review platforms (e.g., Clutch.co) as described in the 'How to collect the data' section.
- Boundary markers: Absent. The skill does not explicitly instruct the agent to ignore directives potentially embedded in competitor website content.
- Capability inventory: None. The skill itself does not request or use any high-privilege tools or execution capabilities.
- Sanitization: Absent.
- Note: While an ingestion surface exists, the risk is minimal as the skill lacks dangerous tools (shell access, network exfiltration) for an attacker to exploit via indirect injection.
Audit Metadata