budget-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script
scripts/budget-optimizer.pyas part of its core optimization logic. - [DATA_EXFILTRATION]: Accesses local directories within the user's home folder, such as
~/.claude-marketing/brands/and~/.claude-marketing/sops/, to retrieve business-specific profiles and procedures. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data from external marketing metrics and brand configuration files.
- Ingestion points: Reads data from
profile.json,_manifest.json, and user-supplied channel performance metrics. - Boundary markers: No explicit delimiters or instructions are provided to ensure the agent ignores embedded commands within the ingested data.
- Capability inventory: The skill has the capability to execute a local script (
scripts/budget-optimizer.py) which processes this data. - Sanitization: There is no evidence of sanitization, escaping, or validation of the input data before it is interpolated or processed.
Audit Metadata