gtm-one-page-strategy

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to serve as a wrapper for the AI Skills platform API. It transmits user-provided business context to the vendor's backend for analysis.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface because it processes untrusted user input.
  • Ingestion points: Ingests text through the productContext field and documents via the gtmContextFile field as defined in references/form-schema.json.
  • Boundary markers: No explicit delimiter or instruction-guarding markers are defined in the static configuration files.
  • Capability inventory: The skill is limited to making network requests to the vendor's API at https://ai-skills.ai as seen in scripts/run.py.
  • Sanitization: No client-side sanitization or validation of the input content is performed before transmission.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — gtm-one-page-strategy