digital-pr

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, NO_CODE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script (python campaign-tracker.py --brand {slug} --action list-campaigns) as part of its brand context check. This instruction runs code in the user's environment that is not provided as part of the skill distribution.
  • [NO_CODE]: The primary tracking logic mentioned in the workflow relies on campaign-tracker.py, which is not included in the skill's file set. This creates a dependency on external or pre-existing code that is not verified during this analysis.
  • [DATA_EXFILTRATION]: The skill accesses and reads files from a specific directory in the user's home folder (~/.claude-marketing/brands/{slug}/profile.json). Accessing files outside the immediate project scope and within the home directory is an exposure risk, even if used for legitimate context-setting.
  • [PROMPT_INJECTION]: The skill is designed to ingest and respond to external data from platforms like HARO and Connectively. It lacks explicit boundary markers or 'ignore' instructions for this untrusted data, making it vulnerable to indirect prompt injection where an attacker could embed malicious instructions within a journalist query to influence the agent's behavior.
      • Ingestion points: Journalist queries, media mentions, and external publication text are processed to generate pitches and responses (SKILL.md).
      • Boundary markers: Absent; there are no instructions to the agent to disregard instructions potentially hidden in the external queries.
      • Capability inventory: The agent has file-read capabilities and the ability to execute Python scripts (SKILL.md).
      • Sanitization: No sanitization or validation steps are defined for the external content before it is interpolated into the outreach templates.
  • [SAFE]: The documentation and templates provided in the reference files (media-outreach.md, link-building-tactics.md, eeat-authority.md) are informative and follow standard digital marketing best practices with no malicious content detected.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 9, 2026, 12:17 AM