narrative-landscape
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script named narrative-mapper.py with the map-landscape argument, passing competitor positioning data extracted from external sources.
  - Evidence: Found in SKILL.md under the Process section: "Execute narrative-mapper.py map-landscape with the competitor position data".
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and analyzes content from user-provided competitor messaging sources (URLs).
  - Ingestion points: Step 3 in SKILL.md describes extracting signals from "company websites", "advertising copy", "social media profiles", and "press releases".
  - Boundary markers: None specified in the instructions to delimit external content from system instructions.
  - Capability inventory: The agent has the capability to execute shell commands via narrative-mapper.py (Step 4) and read files from the local filesystem (Step 1).
  - Sanitization: No explicit sanitization or filtering of the extracted external content is mentioned before it is processed by the agent or passed to the script.
Audit Metadata