brand-guidelines

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its Phase 0 context ingestion process.
  • Ingestion points: Fetches and processes content from user-provided website URLs, social media profiles, and local documents (PDF, MD, TXT, DOCX) to extract brand signals.
  • Boundary markers: No specific delimiters or 'ignore' instructions are used when passing fetched content to the LLM for synthesis, increasing the risk of the agent following instructions embedded in malicious websites or documents.
  • Capability inventory: The skill possesses file read/write capabilities, network access via WebFetch, and the ability to invoke other skills (creator-stack:design-system).
  • Sanitization: There is no evidence of content filtering or sanitization performed on the data retrieved from external URLs before it is processed.
  • [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to retrieve data from arbitrary external domains provided by the user (e.g., website URLs, newsletter archives, social media profiles).
  • [COMMAND_EXECUTION]: The skill performs dynamic generation of executable content and establishes persistence.
  • It generates a new SKILL.md file from a template and writes it to ~/.claude/skills/, a directory used by the agent to load capabilities at startup. This allows for the creation of persistent, automated behaviors that will be active in future sessions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 03:46 AM