content-strategy
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill instructs the agent to read the file
.claude/product-marketing-context.mdto gather business context. This is a local file access within the project environment for contextual understanding and does not involve external data transmission or credential theft. - [PROMPT_INJECTION]: The skill includes an attack surface for indirect prompt injection as it processes untrusted external data (keyword exports, call transcripts, and survey responses).
- Ingestion points: Analyzes user-provided files or text containing keyword data, transcripts, and survey responses in the 'Content Ideation Sources' section.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands within the ingested data are defined.
- Capability inventory: The skill relies on natural language analysis and standard web search. It does not have capabilities for subprocess execution, file writing, or system modification.
- Sanitization: No explicit sanitization or validation of the input data is performed. Given the lack of dangerous capabilities, this surface poses no significant risk.
Audit Metadata