competitor-pages
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill reads brand configuration data from the local filesystem at
~/.claude-marketing/brands/. It also performs network operations viacompetitor-scraper.py. The combination of accessing local profile data and maintaining network access creates a potential surface for data exposure. - [COMMAND_EXECUTION]: The workflow relies on executing several Python scripts, including
schema-generator.py,competitor-scraper.py, andcontent-scorer.py, to process data and generate marketing content. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted content from external competitor websites via
competitor-scraper.py. 1. Ingestion points: Data from external URLs is scraped and incorporated into the page generation process. 2. Boundary markers: No specific delimiters or safety instructions are used to isolate or ignore instructions embedded in the scraped content. 3. Capability inventory: The skill has access to the local filesystem (brand profiles) and the external network (scraping). 4. Sanitization: There is no evidence of validation or sanitization of the ingested external content.
Audit Metadata