creator-outreach
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill follows standard practices for local data processing and project-based management.
- [DATA_EXPOSURE]: The skill extracts public contact signals, such as emails and link-in-bio URLs, from creator profiles found in social media datasets. This is the intended functionality and does not involve harvesting sensitive private data or hardcoded credentials.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it processes untrusted creator profile data (like bios) and interpolates it into outreach drafts. However, this is considered safe in this context as the skill generates drafts for human review rather than automatic delivery, and it lacks any system-level capabilities that could be exploited by such an injection.
  - Ingestion points: scripts/build_creator_leads.mjs reads social media profile JSON files.
  - Boundary markers: Not explicitly implemented in the message generation logic.
  - Capability inventory: The skill performs local file system writes (fs.writeFileSync) for manifest and lead table updates; it does not have shell or network access.
  - Sanitization: Inputs are cleaned and trimmed, but no specific escaping for prompt injection is performed.
Audit Metadata