lifecycle-marketing-automation
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Findings: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill facilitates the transmission of customer profile data (email, lifecycle stage, and event timestamps) to Klaviyo's official API (`a.klaviyo.com`). This operation uses an environment variable for authentication and is a core part of the intended marketing automation functionality.
- [PROMPT_INJECTION]: The skill implements an architecture that ingests untrusted external data, specifically customer reviews and order details, to drive stage transitions (e.g., the `onReviewSubmitted` handler in `campaign-layer.ts`). This creates a surface for indirect prompt injection if the ingested content is subsequently utilized in LLM-driven messaging workflows without rigorous sanitization.
- Ingestion points: Customer reviews processed in `campaign-layer.ts`; order history data in `SKILL.md`.
- Boundary markers: None explicitly defined in the provided code snippets to distinguish between instructions and data.
- Capability inventory: Network operations via `fetch` to the Klaviyo API; state management for customer lifecycle stages.
- Sanitization: No specific sanitization or validation logic is present in the provided implementation tasks for handling external review content.
Audit Metadata