discover-market-sizing
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes read-only tools (Read, Grep, WebFetch, WebSearch) for its primary function of market data gathering and does not attempt to access sensitive system files or environment variables.
- [SAFE]: Explicit refusal protocols are implemented in SKILL.md to prevent the generation of unverified or fabricated market numbers, maintaining epistemic discipline.
- [SAFE]: No patterns of prompt injection, code obfuscation, or unauthorized network activity were detected across the skill's instructions and reference files.
- [SAFE]: Regarding indirect prompt injection attack surfaces: (1) Ingestion points include WebSearch and WebFetch results mentioned in SKILL.md. (2) Explicit boundary markers for external data are absent. (3) Capability inventory is limited to read-only tool access and artifact production; no subprocess calls, exec/eval, or unauthorized file-write operations exist in any file. (4) No specific sanitization of web data is described, but the read-only analytical context and specific template structure limit the exploitable surface area.
Audit Metadata