social-content
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is composed solely of Markdown documentation and templates. No executable scripts (.sh, .py, .js), binaries, or system commands were found.
- [DATA_EXPOSURE] (SAFE): The instructions include reading a local file
.claude/product-marketing-context.md. This is a standard practice for providing the agent with relevant business context and does not constitute unauthorized data exposure or exfiltration. - [INDIRECT_PROMPT_INJECTION] (LOW): The 'Reverse Engineering' framework in
references/reverse-engineering.mdsuggests gathering and analyzing large amounts of external social media content. While this is a surface for indirect prompt injection (where instructions hidden in social posts could influence the agent), the skill does not include automated tools to perform this scraping, and the risk is inherent to the task of content analysis.
Audit Metadata