market-weather

Fail

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run a local Python script macro-signal-tracker.py with arguments {industry} and {horizon} derived from user input. Because these inputs are interpolated directly into the command string without sanitization instructions, an attacker could provide a malicious payload (e.g., using shell metacharacters like ;, &, or |) to execute arbitrary commands on the host system.
  • [DATA_EXFILTRATION]: The skill accesses sensitive directory paths including ~/.claude-marketing/brands/ and ~/.claude-marketing/sops/. These locations are expected to contain private business information, target market data, and competitive strategy profiles, which are exposed to the agent and potentially external scripts.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the ingestion of external signals and local configuration files.
      • Ingestion points: Processes data from ~/.claude-marketing/ JSON files and output from the macro-signal-tracker.py command.
      • Boundary markers: None. The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded within the brand profiles or market signals.
      • Capability inventory: The agent has the capability to execute shell commands via the macro-signal-tracker.py script.
      • Sanitization: None. External content is used to drive scores and recommendations without validation or escaping.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 9, 2026, 12:17 AM