marketing-loops
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill interacts with local project configuration files (e.g.,
.agents/product-marketing.md) and stores operational state in.agents/loops/. This access is restricted to the local environment and follows standard agent patterns for project awareness. - [PROMPT_INJECTION]: The skill defines workflows that ingest data from untrusted external sources such as news feeds, social media, and community forums. It mitigates indirect prompt injection risks by mandating human approval for all public-facing actions, implementing a 'veto list' for sensitive content, and providing a two-tier action model that prioritizes staged drafts over autonomous execution.
- [COMMAND_EXECUTION]: Persistence and automation are achieved using platform-native scheduling primitives (e.g., Claude Code's
CronCreateorScheduleWakeup) or standard system cron. These are used as intended for service automation and do not involve privileged escalation or unauthorized background processes.
Audit Metadata