social-content
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (SAFE): While the skill defines data ingestion points, the risk of indirect prompt injection is handled within the scope of the skill's primary intended purpose and contains no malicious overrides. 1. Ingestion points: The skill instructs the agent to read context from
.claude/product-marketing-context.md(SKILL.md) and suggests analyzing social media data (references/reverse-engineering.md). 2. Boundary markers: No specific boundary markers are defined for the marketing context file. 3. Capability inventory: The skill includes no executable scripts, file-writing capabilities, or network operations. 4. Sanitization: Content is treated as standard instructional data; no custom sanitization is performed. - NO_CODE (SAFE): No Python, Node.js, or shell scripts are included in the skill, which eliminates classes of higher-severity threats related to command execution and remote code execution.
Audit Metadata