share-of-voice
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts `competitor-tracker.py` and `geo-tracker.py` to persist share-of-voice data and perform GEO audits.
- [EXTERNAL_DOWNLOADS]: The skill retrieves data from well-known services including Google Ads, Meta Ads, and Brandwatch using Model Context Protocols (MCP).
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests and processes untrusted data from social media mentions and AI-generated search results.
- Ingestion points: Social mentions retrieved via the Brandwatch MCP and AI-generated responses collected during GEO auditing in step 5.
- Boundary markers: The skill does not implement boundary markers or instructions to ignore embedded commands within the processed data.
- Capability inventory: The skill maintains the ability to execute subprocesses (`competitor-tracker.py`, `geo-tracker.py`) and perform file system operations within the `~/.claude-marketing/` directory.
- Sanitization: There is no evidence of sanitization, filtering, or escaping of the external social content or AI responses before they are analyzed by the agent.
Audit Metadata