geo-monitor
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script
geo-tracker.pywith subcommandsaudit-visibilityanddiff. This script is used to process results and compare them against baselines. - [DATA_EXFILTRATION]: The skill reads from local brand profile files located in
~/.claude-marketing/. While specific to the application's domain, this involves direct filesystem access to configuration and positioning data. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it ingests and analyzes responses from external generative AI engines.
- Ingestion points: Fetches responses from ChatGPT, Perplexity, Gemini, AI Overviews, and Copilot.
- Boundary markers: No explicit delimiters or instructions to ignore instructions within the ingested responses are defined.
- Capability inventory: The skill has access to the local filesystem and the ability to execute Python scripts.
- Sanitization: No validation or sanitization of the external AI responses is described prior to scoring or narrative assessment.
Audit Metadata