launch-ad-campaign
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or unauthorized access were detected. The skill's operations are strictly scoped to its marketing automation functionality and follow the stated purpose.- [COMMAND_EXECUTION]: The skill executes local Python scripts (approval-manager.py and execution-tracker.py) as part of its internal workflow for governance and logging. These commands use fixed paths and parameters integrated into the lifecycle of the ad campaign management.- [PROMPT_INJECTION]: The skill ingests configuration data from local files and user-defined ad content. \n
- Ingestion points: Reads brand profiles (profile.json) and brand guidelines (_manifest.json) from the ~/.claude-marketing/ directory.\n
- Boundary markers: No explicit delimiter-based instructions are provided for file reading, though the process is guided by specific agency SOPs.\n
- Capability inventory: Includes the ability to execute local tracking scripts and call external ad platform APIs via MCP servers.\n
- Sanitization: The process includes a critical 'Budget safeguard' requiring manual re-confirmation and a final approval summary step before execution, ensuring human oversight over untrusted inputs.
Audit Metadata