lp-optimization
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's logic and structure align with its marketing optimization purpose. It implements a sophisticated multi-agent system to provide prioritized audit findings based on established conversion principles.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the WebFetch tool to retrieve content from external landing pages, which is a core requirement for its auditing functionality.
- [COMMAND_EXECUTION]: Two bash scripts are included in the skill's distribution: scripts/lp-audit.sh for generating audit templates and scripts/headline-generator.sh for interactive headline brainstorming. These are executed locally via the Bash tool.
- [PROMPT_INJECTION]: The skill's architecture is susceptible to indirect prompt injection risks due to the processing of untrusted external content from target landing pages.
- Ingestion points: Untrusted data is ingested via WebFetch when a user provides a landing page URL for analysis as described in SKILL.md.
- Boundary markers: Absent; there are no clear delimiters or instructions to ignore instructions found within the fetched data in the agent dispatch logic.
- Capability inventory: The skill has access to the Bash tool (allowing file writing and script execution) and WebFetch (allowing network operations).
- Sanitization: Absent; external content is processed by analysis agents without validation or sanitization layers.
Audit Metadata