schedule-social
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's process explicitly requires the execution of multiple local Python scripts for data analysis and tracking. Evidence includes the use of 'posting-time-analyzer.py', 'hashtag-analyzer.py', 'brand-voice-scorer.py', 'approval-manager.py', and 'execution-tracker.py'.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and acting upon untrusted user input. 1. Ingestion points: User-provided 'Post content', 'Hashtags', and 'Media assets' are integrated into the processing pipeline. 2. Boundary markers: No delimiters or specific instructions to ignore embedded commands within user content are present in the defined process. 3. Capability inventory: The skill possesses the capability to execute local scripts, access and modify files within the '~/.claude-marketing/' directory, and perform network requests via social media MCP servers. 4. Sanitization: No evidence of content escaping, validation, or sanitization of user-supplied strings is provided before the data is analyzed by the brand voice and execution coordination agents.
Audit Metadata