keyword-research
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (
campaign-tracker.pyandscripts/keyword-clusterer.py) to handle campaign tracking and keyword expansion. These scripts are invoked via the command line with parameters derived from user input and local configuration. - [PROMPT_INJECTION]: The skill ingests data from external URLs provided by the user to extract keyword themes, creating a risk for indirect prompt injection attacks where malicious instructions on the target webpage could influence the agent's behavior.
- Ingestion points: The 'Seed keywords or topic' input field in SKILL.md allows for URL extraction.
- Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the processing flow.
- Capability inventory: The skill has the ability to execute shell commands (Python scripts) and read/write files in the user's home directory (
~/.claude-marketing/). - Sanitization: There is no mention of sanitization, validation, or filtering of the content retrieved from external URLs before it is processed by the agent.
Audit Metadata