content-decay-scan
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script named
creative-fatigue-predictor.pyas part of its core process to evaluate content decay signals. - [DATA_EXFILTRATION]: The skill accesses local file paths in the user's home directory (
~/.claude-marketing/brands/), reading JSON files that contain brand profiles, content strategy priorities, and guidelines. - [DATA_EXFILTRATION]: The skill makes network requests to external analytics providers (Google Analytics and Google Search Console) to retrieve performance data.
- [PROMPT_INJECTION]: The skill processes untrusted external data including sitemaps, content URLs, and exported CSV files. This creates an indirect prompt injection surface where instructions embedded in the analyzed content or data files could influence the agent's behavior.
- Ingestion points: Sitemaps, content URLs, CSV analytics data, and local brand profiles.
- Boundary markers: None mentioned for separating untrusted data from agent instructions.
- Capability inventory: Execution of Python scripts, calling multiple agents (
content-creator,seo-specialist,performance-monitor-agent), and network access via MCPs. - Sanitization: No explicit sanitization or validation logic is described for the ingested content.
Audit Metadata