Skills
skills/alirezarezvani/claude-skills/cmo-review/Gen Agent Trust Hub

cmo-review

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill runs two local Python scripts, marketing_budget_modeler.py and growth_model_simulator.py, located in a relative directory. These scripts are used for growth modeling and budget modeling.
  • [PROMPT_INJECTION]: The skill processes a user-provided marketing plan, which presents a surface for indirect prompt injection.
  • Ingestion points: The <plan> argument provided to the /cs:cmo-review command in SKILL.md.
  • Boundary markers: Absent. The skill does not use specific delimiters to separate user input from its own instructions.
  • Capability inventory: The skill has the capability to execute local Python scripts via subprocess commands defined in SKILL.md.
  • Sanitization: Absent. There is no evidence of input validation or sanitization for the provided marketing plan text.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 10:30 AM