The Agent Skills Directory

[COMMAND_EXECUTION]: The skill constructs and executes shell commands for scripts including campaign-tracker.py, execution-tracker.py, and report-generator.py. These commands interpolate user-controlled variables such as {slug}, {date_range}, and {channel} without explicit validation or sanitization, creating a potential surface for command injection.
[DATA_EXFILTRATION]: The skill is designed to read sensitive marketing data and brand profiles from the local directory ~/.claude-marketing/ and transmit it to external services like Slack, Email, and Google Sheets. While process step 11 includes an approval checkpoint, the inherent capability to move local data to external endpoints is a core function.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting brand-specific instructions and compliance rules from external files.
Ingestion points: ~/.claude-marketing/brands/{slug}/profile.json and ~/.claude-marketing/brands/{slug}/guidelines/_manifest.json
Boundary markers: None specified in the instructions to separate data from instructions
Capability inventory: Subprocess execution of local Python scripts and network transmission via multiple MCP servers
Sanitization: No logic is provided to sanitize or verify the contents of the loaded JSON or Markdown files before they influence agent behavior.

client-report