gtm
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [NO_CODE]: This skill is composed exclusively of markdown files (SKILL.md, EXAMPLES.md, REFERENCE.md) providing instructional content and contains no scripts, binaries, or automated configuration files.
- [EXTERNAL_DOWNLOADS]: The documentation includes instructions for a user to install the skill via `git clone` from the author's GitHub repository (github.com/thatrebeccarae/claude-marketing.git). This is a legitimate distribution method for the skill's source files.
- [PROMPT_INJECTION]: The skill facilitates the analysis of user-provided Google Tag Manager container exports (JSON format). This creates a surface for indirect prompt injection where instructions could be embedded in the GTM configuration data. However, as the skill is primarily advisory and lacks high-privilege execution tools, the risk is minimal.
  - Ingestion points: Processes GTM container export JSON files provided by the user in the context of an audit.
  - Boundary markers: None identified in the instructional workflows for processing external data.
  - Capability inventory: The skill provides analysis and guidance; it does not possess tools for subprocess execution, network access, or file system modification.
  - Sanitization: No specific input sanitization or validation routines for the JSON content are mentioned in the documentation.
- [SAFE]: The skill provides security-focused guidance, specifically identifying the risks of unsandboxed JavaScript in Custom HTML tags and recommending the use of sandboxed Community Templates as a safer alternative.
Audit Metadata