influencer-brief
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions establish an ingestion surface for indirect prompt injection.
- Ingestion points: The agent is instructed to read brand configuration and profile data from local files, specifically
~/.claude-marketing/brands/_active-brand.json,~/.claude-marketing/brands/{slug}/profile.json,skills/context-engine/compliance-rules.md, and~/.claude-marketing/brands/{slug}/guidelines/_manifest.json. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' warnings to prevent the agent from potentially obeying instructions embedded within these ingested files.
- Capability inventory: The skill is composed entirely of natural language instructions and does not define any code-based capabilities such as subprocess execution, file-writing, or network operations within this file.
- Sanitization: No sanitization, validation, or filtering mechanisms are defined for the content read from the local file system.
- [NO_CODE]: This skill is entirely instructional and does not include any accompanying scripts, executables, or code files.
Audit Metadata