pr-pitch
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the ingestion of untrusted data from local configuration files.
- Ingestion points: Brand profiles, compliance rules, manifests, and custom templates are loaded from the ~/.claude-marketing/ directory as described in the Process section of SKILL.md.
- Boundary markers: Absent. The skill does not define clear delimiters or use instructions to ignore embedded commands within the loaded brand data.
- Capability inventory: The skill is limited to text generation and does not have access to tools for network exfiltration, arbitrary command execution, or file system modifications.
- Sanitization: Absent. There is no evidence of content validation or sanitization for the JSON and Markdown files loaded from the local system.
Audit Metadata