design-brief
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill architecture is primarily instructional and resides within a controlled multi-agent pipeline. It does not include executable binaries or scripts, relying instead on Markdown-based guidance for the AI agent.
- [PROMPT_INJECTION]: The skill implements strong boundary markers by requiring the agent to 'cite, not invent' tokens and sacred elements from local brand files. The presence of a dedicated 'Critic Agent' that evaluates the generated output against a visual rubric serves as a secondary verification layer, effectively mitigating the risk of user-provided asset descriptions overriding core instructions.
- [DATA_EXFILTRATION]: No evidence of unauthorized data transmission was found. The skill uses 'WebSearch' and 'WebFetch' tools for legitimate asset research, and all generated artifacts are stored locally within the project's designated '.agents/mkt/' directory.
- [COMMAND_EXECUTION]: While the skill manifest allows the 'Bash' tool, there are no instances of automated or silent shell command execution, nor any use of dynamic context injection ('!command' syntax) that could be exploited for unauthorized access.
Audit Metadata