AGENT LAB: SKILLS

analytics-expert

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is designed to ingest and process 'analytics data' and 'performance metrics' from external platforms (SKILL.md, Core Capability 1).
      • Ingestion points: Reads data from analytics platforms, content management platforms, and project documentation.
      • Boundary markers: None identified. There are no instructions to ignore embedded commands within the processed data.
      • Capability inventory: The skill can generate reports, create data visualizations, store data in content management platforms, and influence content creation strategies.
      • Sanitization: No evidence of input sanitization or validation for the ingested analytics data.
  • [External Downloads / Remote Code Execution] (HIGH): The skill explicitly instructs the user or agent to install an external plugin from an untrusted GitHub repository (coreyhaines31/marketingskills) using the /plugin marketplace add command (SKILL.md, Complementary Skills). This bypasses standard security vetting and can lead to the execution of unverified code.
  • [Metadata Poisoning] (MEDIUM): The skill description and name suggest a benign utility, but the inclusion of unverified third-party plugin installation instructions in the README/SKILL.md is a deceptive practice that could lead to system compromise.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 09:25 PM