eval-config
Warn
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes scripts/eval-config-manager.py and interpolates user-provided JSON strings ({weights_json}, {overrides_json}) directly into command-line arguments. This presents a vector for command injection if the input contains shell metacharacters such as single quotes, backticks, or semicolons.
- [DATA_EXPOSURE]: The skill accesses files located in ~/.claude-marketing/, including brand profiles and guidelines. These files are located in the user's home directory and could contain sensitive business information or proprietary marketing data.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from local brand configuration files which could be manipulated to alter the agent's behavior during evaluation recommendations.
  - Ingestion points: ~/.claude-marketing/brands/{slug}/profile.json and _manifest.json as specified in the Process section.
  - Boundary markers: Absent. No mention of delimiters or instructions to ignore nested directives within the JSON data.
  - Capability inventory: The skill is capable of executing shell commands and modifying configurations through the eval-config-manager.py script.
  - Sanitization: Absent. The skill instructions do not describe any validation, escaping, or filtering of the content loaded from the configuration files before it is used to generate suggestions or run scripts.
Audit Metadata