paw-cra-content-research
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Accesses authentication session data in the .pawbytes/creative-suites/.auth/ directory to enable research on social media platforms via browser automation. This access is restricted to the vendor's own configuration paths and is required for the skill's primary research functions.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted content from external websites to generate research reports.
- Ingestion points: Web search results and crawled page content via Exa MCP and the agent-browser tool (SKILL.md, competitor-scan.md).
- Boundary markers: None identified; the instructions do not specify delimiters or warnings for the agent when processing external text.
- Capability inventory: Capability to write research reports and daily logs to the local filesystem (SKILL.md).
- Sanitization: No explicit sanitization or validation of ingested web content is described before it is used to generate creative briefs.
Audit Metadata