paw-cra-agent-creative-director
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The scripts scripts/tool-discovery.py, scripts/tests/test-init-memory.py, and scripts/tests/test-tool-discovery.py use subprocess.run() to verify the presence of creative tools and execute unit tests. These operations are limited to a hardcoded list of verified CLI tools (such as FFmpeg and agent-browser) and local script paths.
- [PROMPT_INJECTION]: The skill incorporates a capability to analyze external websites and social media profiles via the agent-browser tool for brand research and competitor analysis, creating an inherent surface for indirect prompt injection.
  - Ingestion points: External website navigation and content extraction in references/brand-update.md and references/tool-discovery.md.
  - Boundary markers: The skill does not explicitly define markers to delimit untrusted web content from instructions.
  - Capability inventory: Subprocess execution for tool checks in tool-discovery.py, file system writes for memory management in init-memory.py, and orchestration of subagents via the Agent tool.
  - Sanitization: No specific content sanitization or filtering is applied to the data retrieved from external URLs.
- [SAFE]: The skill follows security best practices for credential management by instructing the loading of API keys (fal.ai, Pexels, ElevenLabs) from local configuration files rather than hardcoding them within the skill body.
Audit Metadata