content-decay-scan
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill's process (Step 3) involves executing a Python script named `creative-fatigue-predictor.py` in a specific mode. This represents the execution of a local file which could perform arbitrary actions depending on the script's contents.
- [DATA_EXPOSURE]: The skill accesses sensitive-looking local directories, specifically `~/.claude-marketing/brands/`, to read brand profiles, guidelines, and SOPs. While used for context, this involves reading data from a hidden user directory.
- [EXTERNAL_DOWNLOADS]: The skill connects to Google Analytics and Google Search Console via Model Context Protocol (MCP) to ingest performance data. It also processes external URLs provided in sitemaps or lists, which introduces a surface for processing untrusted external content.
- [PROMPT_INJECTION]: The skill processes untrusted data (Sitemaps, CSVs, and Analytics data) and interpolates it into the workflow. There is a lack of explicit boundary markers or sanitization steps mentioned for the data being passed to the `content-creator` or `seo-specialist` agents, creating a potential surface for indirect prompt injection.
Audit Metadata