influencer-creator
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Invokes a local Python script
campaign-tracker.pyto log and retrieve campaign history, which is essential for brand management. - [PROMPT_INJECTION]: The skill ingests untrusted data from external influencer profiles, creating a surface for indirect prompt injection.
- Ingestion points: Processes influencer social media bios and brand-specific JSON configuration files.
- Boundary markers: No explicit delimiters are specified to demarcate untrusted data.
- Capability inventory: The agent can read local files and execute Python commands.
- Sanitization: No sanitization or validation logic is defined for external inputs.
Audit Metadata