marketing-specialist
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill has a vulnerability surface for indirect prompt injection as it is designed to ingest and act upon data from external, untrusted sources.
- Ingestion points: Sub-skills such as the TikTok Strategist and Reddit Community Builder use
WebFetchandWebSearchto retrieve content from the live web and social media feeds. - Boundary markers: The prompts do not include specific delimiters or instructions to the agent to treat fetched data as untrusted or to ignore commands embedded within it.
- Capability inventory: Across its reference files, the skill utilizes several capabilities including
Write,Read,WebSearch,WebFetch, andMultiEdit. While not allowing code execution, these tools could be manipulated to alter local project files if an injection occurs. - Sanitization: There is no evidence of sanitization or validation of external content before it is processed by the AI agent.
Audit Metadata