category-positioning
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of instructional content for app marketing. No malicious command execution, data exfiltration, or obfuscation was detected. All external references are related to standard app store optimization (ASO) practices.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests untrusted data from app descriptions and external context files. However, the risk is negligible as the skill lacks dangerous capabilities such as file system writes, network operations, or shell execution.
- Ingestion points: Processes external app-marketing-context.md and user-provided app identifiers/descriptions.
- Boundary markers: None identified in the provided instructions.
- Capability inventory: No scripts or automated capabilities (subprocess, eval, network ops) are present in the skill.
- Sanitization: No explicit sanitization of external input is performed.
Audit Metadata