campaign
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a structured orchestrator for marketing activities, using legitimate vendor tools for content generation and information retrieval. It does not attempt to access sensitive system files, execute shell commands, or establish unauthorized network connections.- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it incorporates data from an external library into its generation prompts.
- Ingestion points: Data is retrieved from the knowledge base using get_entity and search_knowledge_base based on user-provided topics.
- Boundary markers: Library data is passed into the generate_content and generate_email tools without specific delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill's capabilities are limited to generating marketing text and emails via provide tools, lacking any access to high-risk system operations.
- Sanitization: No explicit sanitization or filtering of the library data is described within the skill's instructions.
Audit Metadata