launch-positioning-builder
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) due to its core functionality of ingesting and analyzing untrusted data from the web.
- Ingestion points: The skill fetches content from competitor homepages, pricing pages, and third-party review sites (G2/Capterra) in Phase 1.
- Boundary markers: There are no explicit instructions to use delimiters or ignore potential directives found within the fetched external content.
- Capability inventory: The skill utilizes web search, page fetching, and the ability to save generated markdown files to the local file system.
- Sanitization: No sanitization, validation, or filtering of the external data is performed before it is processed by the agent.
Audit Metadata