small-biz-landing-page
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or sensitive data access was detected in the skill files.\n- [NO_CODE]: The skill contains no executable code or scripts. It relies entirely on system prompts and markdown-based reference guides to function.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes user input from the 'Smart Interview' to build the outline.\n
- Ingestion points: User responses to interview questions (e.g., business name, service description) in SKILL.md.\n
- Boundary markers: No delimiters or instructions to ignore embedded commands are used when interpolating user data into Phase 2 output templates.\n
- Capability inventory: The skill is limited to generating text; it lacks the ability to execute commands, access the network, or modify the local file system.\n
- Sanitization: No explicit validation or escaping of user input is performed before including it in the generated outline document.
Audit Metadata