audience-intelligence
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or data exfiltration attempts were detected. The skill's behavior is consistent with its stated purpose of audience intelligence and marketing research.
- [NO_CODE]: The skill bundle is comprised solely of Markdown methodology guides and templates. It does not include any executable scripts, binaries, or configuration files that could execute code or modify the host system.
- [COMMAND_EXECUTION]: The skill instructions include a command to run a local utility,
campaign-tracker.py, which is used to retrieve campaign history for a specific brand. This is a functional requirement for campaign management and uses identifiers from the established session context. - [PROMPT_INJECTION]: The skill ingests untrusted external data such as customer interview transcripts and CRM exports, which creates a potential surface for indirect prompt injection.
- Ingestion points: Customer research data, analytics, and interview transcripts (SKILL.md).
- Boundary markers: None explicitly defined in the prompt instructions to separate untrusted data from the system instructions.
- Capability inventory: Reading local brand configuration files and executing the
campaign-tracker.pyutility script. - Sanitization: No specific sanitization or validation logic for external research data is described.
Audit Metadata