narrative-tracker
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill captures full responses from external AI platforms like ChatGPT and Gemini, creating a vulnerability surface for indirect prompt injection. Instructions embedded in these untrusted external responses could potentially influence subsequent agent actions. * Ingestion points: Captured AI-generated responses from external platforms in Step 2. * Boundary markers: Absent. * Capability inventory: Command execution of geo-tracker.py and filesystem reads from ~/.claude-marketing/. * Sanitization: Not specified for the ingested response text.
- [COMMAND_EXECUTION]: The skill invokes the local script geo-tracker.py in Step 5 to persist narrative tracking data. This is a primary functional requirement for the skill's stated purpose.
Audit Metadata