share-of-voice
Warn
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes local Python scripts
geo-tracker.pyandcompetitor-tracker.pyto perform AI visibility audits and persist measurement data.\n- [DATA_EXFILTRATION]: Accesses and reads files within the~/.claude-marketing/directory, including brand profiles, active brand status, and standard operating procedures (SOPs) located in the user's home directory.\n- [PROMPT_INJECTION]: Exposure to indirect prompt injection through the ingestion of untrusted content from social media platforms and AI engine responses.\n - Ingestion points: Ingests social mentions from the Brandwatch MCP and AI-generated content from external engines (ChatGPT, Gemini, Perplexity, Copilot) via
geo-tracker.py.\n - Boundary markers: The skill lacks explicit boundary markers or instructions to disregard potential commands embedded within these external datasets.\n
- Capability inventory: Includes the ability to execute local Python scripts and access file system paths in the user's home directory.\n
- Sanitization: No sanitization or validation of the ingested external data is documented before it is used to calculate sentiment or visibility scores.
Audit Metadata