bmad-market-research
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (
resolve_customization.py) to manage workflow configuration and resolve customization overrides. This script is an internal vendor-provided tool used for legitimate configuration management. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from web search results during several research steps.
- Ingestion points: Web search results are processed in steps 02 through 06 (Customer Behavior, Pain Points, Decisions, Competitive Analysis, and Synthesis).
- Boundary markers: Absent; external content from search results is appended directly to markdown sections without isolation markers or specific delimiters.
- Capability inventory: The skill possesses capabilities to write files (research artifacts) and load sequential workflow step files from the local environment.
- Sanitization: The skill relies on instructions for the agent to verify sources and provide citations, but it does not implement programmatic sanitization or filtering of external data.
Audit Metadata