analyze-competitors

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface. Malicious instructions could be embedded in the product documentation files that the agent is instructed to read.
      • Ingestion points: Reads files from the .chalk/docs/product/ directory (SKILL.md).
      • Boundary markers: The workflow does not specify the use of delimiters or 'ignore embedded instructions' markers when processing the content of these files.
      • Capability inventory: The skill has access to Read, Glob, Grep, and Write tools, allowing it to read and create files in the local environment.
      • Sanitization: There is no mention of sanitization, validation, or filtering of the content read from the external local files before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 08:09 AM