counter-narrative
Warn
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local script named narrative-mapper.py with the generate-counter argument to select a strategy based on competitor analysis.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of external, untrusted competitor data.
- Ingestion points: Competitor evidence such as URLs, landing pages, and messaging artifacts described in the process section.
- Boundary markers: None; there are no instructions for the agent to ignore or delimit instructions contained within analyzed competitor materials.
- Capability inventory: The skill reads brand configuration files from the ~/.claude-marketing/ directory and executes a Python script via shell command.
- Sanitization: None; the skill examines evidence to determine positioning intent and strategy without a verification or sanitization step for the external content.
Audit Metadata