eval-config
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local Python script 'scripts/eval-config-manager.py' to process configuration actions including viewing, setting, and resetting evaluation parameters.
- [SAFE]: The skill interacts with local configuration files in the '~/.claude-marketing/' directory. No external network requests, remote downloads, or obfuscated code patterns were identified.
- [PROMPT_INJECTION]: The skill reads brand profiles and guidelines to provide configuration recommendations, representing an indirect injection surface. Ingestion points: 'profile.json' and '_manifest.json'. Boundary markers: Not explicitly defined in the prompt templates. Capability inventory: Execution of local configuration management script. Sanitization: Includes validation for threshold ranges (0-100) and dimension weight sums (~1.0).
Audit Metadata