marketing-competitor-profiling

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external content from competitor websites, which introduces a surface for indirect prompt injection.
  • Ingestion points: Scraped content from arbitrary competitor URLs is pulled into the agent context in Phase 1 (SKILL.md).
  • Boundary markers: The instructions do not specify any delimiters or warnings to the agent to treat scraped content as untrusted, potentially allowing embedded malicious instructions to influence behavior.
  • Capability inventory: The skill possesses file-write capabilities (saving profiles to the local directory) and network capabilities (making further API calls), which could be leveraged if an injection is successful.
  • Sanitization: Scraped content is synthesized directly into markdown profiles without prior sanitization or filtering.
  • [EXTERNAL_DOWNLOADS]: The skill is designed to retrieve data from external web pages and marketing APIs (Firecrawl, DataForSEO) as part of its documented workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 06:26 PM
Security Audit — agent-trust-hub — marketing-competitor-profiling