claude-code-marketing-skills
Fail
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The documentation instructs users to install the skill by piping a remote script directly to the shell:
curl -sSL https://raw.githubusercontent.com/cognyai/claude-code-marketing-skills/main/install.sh | bash. This allows the remote source to execute arbitrary commands on the user's machine. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when performing web-based audits.
- Ingestion points: Commands like
/seo-audit,/landing-page-review, and/competitor-analysisfetch content from external URLs provided at runtime. - Boundary markers: The instructions do not define any markers to isolate external data from the AI's internal logic.
- Capability inventory: The skill uses network-enabled tools (
WebFetch,WebSearch) to retrieve data and then performs complex reasoning on that data. - Sanitization: There is no indication that external content is sanitized or validated before being presented to the agent's logic.
- [COMMAND_EXECUTION]: The manual installation instructions require the user to execute multiple shell commands, including
git cloneandcp -r, which could lead to code execution from a third-party repository. - [EXTERNAL_DOWNLOADS]: The skill relies on fetching content from a remote repository via
git cloneandcurlfrom a non-whitelisted source, which introduces supply-chain risk if the repository is compromised.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/cognyai/claude-code-marketing-skills/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata