marketing-video
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external brand context data into its generation process without strict boundaries.
- Ingestion points: Strategic context is read from files such as brand-context.md and product-marketing-context.md located within the ./brands/{brand-slug}/ directory.
- Boundary markers: The skill instructions do not specify delimiters or provide instructions to ignore potentially malicious commands embedded in the brand documents.
- Capability inventory: The skill has the capability to generate and write multiple markdown files (scripts, calendars, and strategy briefs) to the local file system at ./brands/{brand-slug}/content/video/.
- Sanitization: There is no evidence of sanitization, filtering, or validation performed on the brand data before it is interpolated into the agent's prompts.
Audit Metadata