skills/mattgierhart/prd-driven-context-engineering/prd-v02-competitive-landscape-mapping/Gen Agent Trust Hub
prd-v02-competitive-landscape-mapping
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process data from external, untrusted sources such as competitor websites and public review platforms during the research process.
  - Ingestion points: Competitive research data fetched via WebSearch and WebFetch tools from sources like G2, Reddit, and Capterra.
  - Boundary markers: The templates do not include explicit delimiters or instructions to the agent to isolate external data from the primary mission instructions.
  - Capability inventory: The skill utilizes Read, Write, Edit, Glob, Grep, WebSearch, and WebFetch tools.
  - Sanitization: There is no logic provided to sanitize or validate the content retrieved from external URLs before processing.
- [NO_CODE]: The skill consists entirely of Markdown documentation, templates, and research prompts, with no executable scripts, binary files, or external code dependencies.