send-sms
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill coordinates logic using local Python scripts (brand-voice-scorer.py, approval-manager.py, execution-tracker.py) for tone analysis, risk management, and delivery tracking.
- [DATA_EXPOSURE]: The skill reads from application-specific paths (~/.claude-marketing/brands/) to access brand profiles and compliance rules.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted user message content and external recipient CSV files. Ingestion points: message body and CSV files (SKILL.md); Capability inventory: local script execution and messaging via MCP (SKILL.md); Boundary markers: not implemented; Sanitization: not implemented. Risk is mitigated by a mandatory human-in-the-loop approval step before any external transmission.
Audit Metadata