cohort-analysis
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script named
churn-predictor.pyto store analysis results and track longitudinal trends. - [DATA_EXPOSURE]: The skill reads brand-specific configuration and profile data from the
~/.claude-marketing/directory to establish business context. - [PROMPT_INJECTION]: The skill processes untrusted data from external CRM and Analytics MCPs, which represents a potential surface for indirect prompt injection.
- Ingestion points: Customer acquisition data, transaction history, and engagement events are ingested from CRM and analytics platforms.
- Boundary markers: The instructions do not specify the use of delimiters or boundary markers when interpolating external data into the agent's context.
- Capability inventory: The skill possesses the ability to read and write to the local filesystem and execute Python scripts.
- Sanitization: There is no evidence of data sanitization or validation being performed on the inputs received from external data sources.
Audit Metadata