share-of-voice-tracker

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill does not exhibit any malicious patterns such as obfuscation, credential exfiltration, or unauthorized persistence mechanisms. Its functionality is strictly aligned with marketing analytics.
  • [EXTERNAL_DOWNLOADS]: The skill references external connectors (e.g., gdelt.py, tavily.py, pageviews.py) to aggregate data from well-known and reputable services like the GDELT Project, Wikipedia, and search APIs. These interactions are legitimate for the skill's analytical requirements.
  • [PROMPT_INJECTION]: The skill correctly identifies the risk of indirect prompt injection from untrusted web content (mentions and articles). It mitigates this by instructing the agent to treat all fetched data as untrusted input and explicitly forbids such data from altering the skill's configuration, such as the locked competitor panel or query logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 03:38 PM
Security Audit — agent-trust-hub — share-of-voice-tracker