Skills
skills/indranilbanerjee/digital-marketing-pro/landing-page-audit/Gen Agent Trust Hub

landing-page-audit

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses the user's home directory to load configuration data, including brand profiles, guidelines, and SOPs from ~/.claude-marketing/. Accessing hidden application folders in the home directory exposes local files to the agent context.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from external sources.
  • Ingestion points: Processes content retrieved from a 'Landing page URL' and 'Ad copy or email' (SKILL.md).
  • Boundary markers: No delimiters or safety instructions are defined to separate untrusted web content from the agent's core instructions.
  • Capability inventory: Employs specialized agents (analytics-analyst, cro-specialist) to browse and perform analytical tasks on external content.
  • Sanitization: The process does not include validation or sanitization of the content retrieved from the external URLs.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 01:18 AM