launch-plan
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
- Ingestion points: The skill ingests data from local files including ~/.claude-marketing/brands/_active-brand.json and various profile.json files.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill definition to separate user-controlled data from instructions.
- Capability inventory: The skill orchestrates tasks through specialized agents for strategy and content creation but does not define direct shell or network operations in the provided markdown.
- Sanitization: No evidence of sanitization or validation of the content loaded from the local files is provided, allowing file content to influence agent behavior directly.
Audit Metadata