analytics-insights
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run a local Python script, campaign-tracker.py, to list campaign history for a specific brand. This is a functional requirement for tracking work history.
- [SAFE]: The skill accesses local files in the ~/.claude-marketing/ directory to retrieve brand profiles and guidelines. This access is necessary for applying brand-specific compliance and voice rules.
- [PROMPT_INJECTION]: The skill processes user-supplied queries and external brand data, creating a surface for indirect prompt injection. 1. Ingestion points: User requests containing trigger phrases and brand profile JSON files at ~/.claude-marketing/brands/. 2. Boundary markers: No explicit delimiters or ignore-embedded-instructions warnings are used for the ingested brand data. 3. Capability inventory: The skill performs local file system reads and executes the campaign-tracker.py script via subprocess. 4. Sanitization: No specific sanitization or validation of the brand profile content is mentioned.
Audit Metadata