product-development
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of fetching and analyzing external data.
- Ingestion points: Multiple modules, including product-agent, competitive-analysis, and market-research, utilize WebSearch and WebFetch tools to ingest untrusted content from the internet such as competitor websites, App Store pages, and market trend reports.
- Boundary markers: The skill instructions do not implement delimiters or specific warnings to the agent to treat fetched content as untrusted, which increases the risk of the agent following malicious instructions embedded in remote pages.
- Capability inventory: The skill possesses extensive capabilities across its modules, including reading and writing local files, performing web searches, and fetching remote content via HTTP.
- Sanitization: There is no evidence of content sanitization or validation for the data retrieved via web tools before it is processed by the model.
Audit Metadata