campaign-status
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUM | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local Python scripts including campaign-tracker.py, execution-tracker.py, and approval-manager.py with arguments derived from brand configuration files.
- [DATA_EXFILTRATION]: Accesses and processes files located in the user's home directory under ~/.claude-marketing/, which contains brand profiles and execution logs.
- [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface by aggregating untrusted data from various ad platforms like Google Ads and Meta for dashboard display.
- Ingestion points: Data is retrieved from external marketing APIs and local JSON configuration files.
- Boundary markers: There are no delimiters used to separate untrusted platform data from the agent's instructions.
- Capability inventory: The agent can execute local shell commands and scripts.
- Sanitization: The skill lacks logic to sanitize or validate external content before presenting it in the output.
Audit Metadata