dark-funnel
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and analyzes data from external, untrusted sources which could contain malicious instructions.
  - Ingestion points: Process step 2 identifies that the skill collects data from Reddit discussions, community forums, and customer survey responses.
  - Boundary markers: There are no delimiters or boundary markers specified in the process to separate the external data from the agent's internal instructions.
  - Capability inventory: The skill accesses the local filesystem to read brand profiles, guidelines, and SOPs from the ~/.claude-marketing/ directory as described in Process step 1.
  - Sanitization: The skill does not describe any methods for sanitizing, filtering, or validating the ingested content before it is processed by the agent.
Audit Metadata