marketing-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface identified in the skill architecture.
- Ingestion points: All sub-agents (e.g.,
references/marketing_growth-hacker.md,references/marketing_tiktok-strategist.md,references/marketing_app-store-optimizer.md) utilizeWebFetchandWebSearchtools to ingest data from external, untrusted platforms like Reddit, Twitter, TikTok, and various App Stores. - Boundary markers: The prompt instructions do not include boundary markers or explicit commands to isolate external content or ignore potential instructions embedded within fetched data.
- Capability inventory: The skill is equipped with powerful tools including
Write,Read, andMultiEdit, which allow the agent to modify the local file system or perform multi-file edits based on the logic derived from potentially poisoned external data. - Sanitization: There is a total absence of sanitization or validation instructions for the content retrieved from external URLs before it is processed or used to generate outputs and file modifications.
Audit Metadata