Skills
skills/alirezarezvani/claude-skills/marketing-skills/Gen Agent Trust Hub

marketing-skills

Fail

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script prompt-engineer-toolkit/scripts/prompt_tester.py is designed to execute external commands using a template string provided via the --runner-cmd argument. This allows for arbitrary command execution on the system.
  • [PROMPT_INJECTION]: Instructions in marketing-context/SKILL.md direct the agent to scan various files in the repository to generate context. Ingesting untrusted content from the codebase without sanitization markers makes the agent susceptible to indirect prompt injection attacks.
  • [EXTERNAL_DOWNLOADS]: The site-architecture/scripts/sitemap_analyzer.py and page-cro/scripts/conversion_audit.py scripts utilize the urllib.request module to fetch content from remote URLs specified in user arguments.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 3, 2026, 01:03 PM