marketing-popups
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions, metadata, or evaluation files.
- [SAFE]: The skill does not involve any external package installations, remote script execution, or dynamic code generation.
- [SAFE]: Local file access is explicitly limited to project context files (e.g., .agents/product-marketing.md) to improve marketing recommendations; it does not target sensitive system credentials or private keys.
- [SAFE]: The skill has a surface for indirect prompt injection through its ingestion of local context files. 1. Ingestion points: .agents/product-marketing.md, .claude/product-marketing.md, product-marketing-context.md. 2. Boundary markers: None present. 3. Capability inventory: The skill has no capabilities to execute code, write to the file system, or perform network operations. 4. Sanitization: None. This surface is evaluated as safe due to the lack of exploitable capabilities.
Audit Metadata