schedule-social
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple external Python scripts to facilitate its workflow, including posting-time-analyzer.py, hashtag-analyzer.py, brand-voice-scorer.py, approval-manager.py, and execution-tracker.py. These scripts perform content analysis and manage the scheduling state.
- [DATA_EXFILTRATION]: The skill is designed to transmit user-provided text, media assets, and tracking parameters to external social media APIs (Twitter/X, Instagram, LinkedIn, TikTok, YouTube, and Pinterest) through Model Context Protocol (MCP) servers.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted user input to generate content variations.
- Ingestion points: User-supplied 'Post content' and 'Hashtags' used in formatting and variation steps.
- Boundary markers: No explicit markers or instructions are provided to the agent to treat input as data rather than instructions.
- Capability inventory: The agent has the ability to execute subprocesses (Python scripts), write to the local file system (~/.claude-marketing/), and perform network operations via MCP servers.
- Sanitization: There is no evidence of sanitization or validation of the input content before it is interpolated into prompts or sent to external platforms.