signup-flow-cro
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its data ingestion mechanism. \n
- Ingestion points: Reads .claude/product-marketing-context.md to gather product context. \n
- Boundary markers: None; the skill does not use delimiters or instructions to ignore embedded commands in the ingested file. \n
- Capability inventory: None; the skill is limited to providing textual advice and does not perform file system writes, network requests, or command execution. \n
- Sanitization: None; the content of the marketing context file is not validated or sanitized before being processed.
Audit Metadata