audience-profile
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from multiple sources and uses it to generate complex personas.
- Ingestion points: The skill reads user-provided research data (surveys, analytics, CRM data) and local files from the user's home directory (~/.claude-marketing/brands/ and ~/.claude-marketing/sops/).
- Boundary markers: The instructions do not define clear boundaries or delimiters to separate the ingested untrusted data from the system prompt or core instructions.
- Capability inventory: The skill implicitly uses file-reading capabilities to access brand profiles, guidelines, and SOPs.
- Sanitization: There is no evidence of input validation, escaping, or sanitization for the data retrieved from external files or user input.
Audit Metadata