loop-detect
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local script named
growth-loop-modeler.pywith subcommandsdetect-loopsandproject. This execution relies on parameters and data derived from untrusted user input. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data that is used by agents and passed to execution tools.
- Ingestion points: User-provided
Business metrics,Business model, andKnown growth driversare processed to calibrate the model. - Boundary markers: No delimiters or isolation instructions are present to prevent the agent from obeying instructions embedded in the provided data.
- Capability inventory: File system read access for brand profiles in
~/.claude-marketing/and subprocess execution viagrowth-loop-modeler.py. - Sanitization: No sanitization or validation logic is specified for the external data before it enters the modeling process.
Audit Metadata