content-calendar
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Accesses local file paths in the user's home directory that may contain brand-specific information.
- Evidence: The skill reads brand configuration and guidelines from ~/.claude-marketing/brands/.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection through the processing of brand profile and SOP data.
- Ingestion points: Brand profiles, manifest files, and SOPs in SKILL.md.
- Boundary markers: Absent; there are no instructions to the agent to ignore potentially malicious commands within the ingested content.
- Capability inventory: Low; no subprocess calls, file-writing, or network operations are present in the skill.
- Sanitization: Absent; no validation or escaping is applied to the content of the brand files before use.
Audit Metadata