reputation-management

Warn

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: In SKILL.md, the agent is instructed to run python campaign-tracker.py --brand {slug} --action list-campaigns. This script is not part of the skill package.
  • [DATA_EXFILTRATION]: The instructions in SKILL.md require the agent to read brand-sensitive configuration and profile files from hidden directories in the user's home folder, such as ~/.claude-marketing/brands/{slug}/profile.json.
  • [PROMPT_INJECTION]: The skill processes untrusted customer review content from external sources (e.g., Google, Yelp).
      • Ingestion points: Customer review text described in the Negative Review Response process.
      • Boundary markers: None. The content is directly evaluated by the agent.
      • Capability inventory: The skill has access to the local filesystem and command execution.
      • Sanitization: The instructions do not include steps to sanitize or filter the review content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 11, 2026, 07:58 PM