marketing-skills-collection
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its capability to ingest and process data from untrusted external sources during marketing research tasks.\n
- Ingestion points: External content retrieved via the
WebFetchtool and user-provided variables within theProduct Contextandmarketing_brieftemplates inSKILL.md.\n - Boundary markers: The skill uses structured Markdown headers and YAML blocks to organize input, but it lacks specific instructions directing the agent to ignore potentially malicious commands embedded in fetched web content.\n
- Capability inventory: The skill is granted access to the
WebFetchtool for network access,Writefor asset generation, andTaskfor sub-skill execution.\n - Sanitization: There are no explicit sanitization, filtering, or validation steps defined for data retrieved from external URLs before it is processed by the agent.
Audit Metadata