Skills
skills/indranilbanerjee/digital-marketing-pro/pr-pitch/Gen Agent Trust Hub

pr-pitch

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests data from several local configuration and profile files to provide brand-specific context. This creates a potential surface for indirect prompt injection where malicious instructions stored in these files could influence agent behavior.\n
  • Ingestion points: Multiple local paths including ~/.claude-marketing/brands/{slug}/profile.json, _manifest.json, and agency SOPs referenced in SKILL.md.\n
  • Boundary markers: Absent; the skill does not use delimiters to isolate external context or provide instructions to ignore embedded commands.\n
  • Capability inventory: No high-risk capabilities such as network requests, file-write operations, or shell command execution were identified within the skill's instructions.\n
  • Sanitization: Absent; the instructions do not specify any validation, filtering, or escaping for the content retrieved from the brand profile files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 01:19 AM