tiktok-marketing
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses well-known services for its automation workflows, including Google Sheets, OpenAI, ElevenLabs, and TikTok. These integrations follow standard industry patterns for marketing automation.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The automation templates ingest data from external sources to generate scripts, which could be exploited if the source data is untrusted.
  - Ingestion points: Data is retrieved from Google Sheets in the 'AI Video Content Pipeline' (Node 2) and file metadata in 'Multi-Platform Publishing' (Node 1) within SKILL.md.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the LLM prompt templates (e.g., Node 3: 'Create a TikTok script for: {idea}').
  - Capability inventory: The skill possesses capabilities to generate video content and publish directly to TikTok, Instagram, and YouTube via MCP tools and n8n nodes.
  - Sanitization: There is no evidence of input validation or sanitization for the data retrieved from external spreadsheets or file metadata.