webinar-plan
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection by dynamically loading external data at runtime.\n
- Ingestion points: The skill reads brand profiles, manifests, templates, and SOPs from
~/.claude-marketing/and local skill directories.\n - Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the loaded content as untrusted or to ignore embedded instructions.\n
- Capability inventory: The skill's primary capabilities are limited to text generation through a set of specialized agents (content-creator, email-specialist, marketing-strategist); it lacks tools for network access, arbitrary code execution, or filesystem modification.\n
- Sanitization: No input validation or sanitization mechanisms are defined for the data retrieved from the local JSON and Markdown configuration files.
Audit Metadata