send-report
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple internal Python scripts, including performance-monitor.py, report-generator.py, and approval-manager.py, to process analytics data and manage the reporting workflow.
- [PROMPT_INJECTION]: The skill aggregates metrics and metadata from external marketing platforms (Google Ads, Meta Ads, LinkedIn Ads) to generate narrative recommendations and summaries. This creates an indirect prompt injection surface where compromised external data could attempt to influence the report's content.
- Ingestion points: External analytics data and campaign metadata from connected MCP servers and local brand configuration files in the ~/.claude-marketing/ directory.
- Boundary markers: The process includes a human-in-the-loop approval gate (Step 10) which requires explicit user consent after reviewing the report preview, serving as a significant safety mitigation.
- Capability inventory: Subprocess execution of Python scripts, local filesystem access, and data delivery to external channels (Slack, Email, Google Sheets) via MCP.
- Sanitization: The skill relies on manual user verification during the preview phase rather than automated programmatic sanitization of incoming analytics data.
Audit Metadata