data-export
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from external marketing platforms and user-provided queries, creating a surface for indirect prompt injection.
- Ingestion points: External data enters the context via connected MCPs (Google Analytics, CRM, ad platforms) and the user-provided 'Custom query' input field.
- Boundary markers: The instructions do not define specific delimiters or instructions to prevent the agent from interpreting ingested data as instructions.
- Capability inventory: The skill uses MCPs to perform network operations (BigQuery, Google Sheets, Supabase) and has read/write permissions for local files in the '~/.claude-marketing/' directory.
- Sanitization: While PII redaction and quality checks are mentioned, there is no explicit sanitization for user-provided queries or content from external platforms.
Audit Metadata