bmad-agent-marketing-pr
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the 'agent-browser' utility from the official Vercel Labs repository if it is not already present. This is a standard setup procedure for its research capabilities.
- [COMMAND_EXECUTION]: The research module provides template commands for browser-based intelligence gathering (e.g., searching Google News, LinkedIn, and HARO). These commands are executed via the 'agent-browser' tool to inform PR strategy.
- [PROMPT_INJECTION]: The skill has an exposure to indirect prompt injection because it is designed to ingest and process data from external websites and local brand files. This is a typical risk factor for agents with web-browsing capabilities and is mitigated by the intended use case of processing public media information.
- [DATA_EXPOSURE]: The skill reads project configuration and brand identity files from local paths (e.g., config.yaml, brand-context.md) to ensure outputs are aligned with the user's business objectives.
Audit Metadata