local-seo
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The instruction file SKILL.md requires the agent to execute a script named campaign-tracker.py. This file is not included in the skill's source files, meaning the agent would be executing an unvetted local script.
- [PROMPT_INJECTION]: The skill uses external files to define its behavior, which creates an indirect prompt injection surface.
  - Ingestion points: The agent reads brand profiles and guidelines from ~/.claude-marketing/.
  - Boundary markers: No delimiters or ignore instructions are used for the external data.
  - Capability inventory: The skill includes the capability to execute Python scripts.
  - Sanitization: The skill lacks sanitization for the ingested data before it influences the agent's constraints and output.
Audit Metadata