copy-lab

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (DATA_EXFILTRATION)
Full Analysis
  • Data Exposure (HIGH): The instructions in Phase 1 attempt to read data from the path ~/.claude/skills/copywriting/SKILL.md. Accessing files within hidden configuration directories in the user's home path (~/) is a sensitive operation that can lead to the unauthorized exposure of agent metadata or local configurations.
  • Indirect Prompt Injection (LOW): The skill ingests untrusted data from both user inputs and external files to generate its copy strategies.
      1. Ingestion points: User input (Phase 1) and external file content (~/.claude/skills/copywriting/SKILL.md).
      2. Boundary markers: None identified; external content is interpolated directly into the workflow.
      3. Capability inventory: Orchestrates interactions with other agents (copy-reviewer) and provides inline text output; no file-write or network operations were detected in this specific file.
      4. Sanitization: No evidence of sanitization or validation of the ingested content.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:50 PM