Skills
skills/indranilbanerjee/digital-marketing-pro/ab-test-plan/Gen Agent Trust Hub

ab-test-plan

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local Python scripts 'campaign-tracker.py' and 'scripts/sample-size-calculator.py' to perform core task logic. The use of the {slug} variable as a command-line argument constitutes dynamic command execution.
  • [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection by processing external brand data and templates.
  • Ingestion points: The skill reads data from '~/.claude-marketing/brands/{slug}/profile.json', 'guidelines/_manifest.json', and brand-specific templates.
  • Boundary markers: The skill does not employ explicit delimiters or instructions to the agent to ignore embedded commands within the ingested files.
  • Capability inventory: The skill is capable of executing shell commands and accessing files within the user's home directory.
  • Sanitization: No evidence was found of validation or sanitization of the content of the loaded brand configuration or template files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 02:37 PM