brand-voice-enforcement
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external data from workspace files to define its behavior and stylistic constraints.\n
- Ingestion points: The
SKILL.mdfile (Loading Brand Guidelines section) instructs the agent to read.claude/brand-voice-guidelines.mdand.claude/brand-voice.local.mdfrom the user's project folder.\n - Boundary markers: The instructions lack explicit boundary markers (e.g., XML tags or delimiters) to isolate the content of these local files from the core instructions, potentially allowing a malicious file to influence agent behavior.\n
- Capability inventory: The skill is restricted to text generation and delegation to other internal agent files (
agents/content-generation.mdandagents/quality-assurance.md) and lacks network or shell access capabilities.\n - Sanitization: No validation or sanitization steps are defined for the content ingested from the local guidelines or settings files.
Audit Metadata