marketing-lead-magnets
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface via external context files. The skill instructs the agent to read context from files like
.agents/product-marketing.mdor.claude/product-marketing.md. Ingestion points: These files provide business context and goals that influence the agent's behavior. Capability inventory: The skill is entirely instructional and does not contain scripts, network tools, or file-write capabilities, which significantly limits the potential impact of an injection. Boundary markers: The instructions lack delimiters or warnings to ignore embedded instructions within these context files. Sanitization: No sanitization or verification of the external context is requested. - [NO_CODE]: The skill consists exclusively of markdown documentation and JSON evaluation data. There are no scripts, binaries, or configuration files that initiate command execution or external dependencies.
Audit Metadata