anomaly-scan
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple local scripts including performance-monitor.py, execution-tracker.py, and campaign-tracker.py with parameters derived from brand context and user inputs.
- [DATA_EXFILTRATION]: The skill reads sensitive marketing profiles, brand guidelines, and agency SOPs from the ~/.claude-marketing/ directory on the local filesystem.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection. Ingestion points: external marketing platform data from Google Analytics, Google Ads, Meta, and others. Boundary markers: none identified in the skill instructions. Capability inventory: file system access and local script execution. Sanitization: no evidence of sanitization for ingested platform metadata before analysis.