Skills
skills/indranilbanerjee/digital-marketing-pro/video-script/Gen Agent Trust Hub

video-script

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it lacks security boundaries when processing untrusted user data alongside sensitive brand information.
  • Ingestion points: The skill accepts user-provided input for 'Key message or topic' and 'Competitor video references' as defined in SKILL.md.
  • Boundary markers: Absent. There are no instructions to use delimiters (e.g., XML tags or triple quotes) or to ignore embedded instructions within user-provided strings.
  • Capability inventory: The skill performs read operations on local files including brand profiles, compliance rules, and agency SOPs located in ~/.claude-marketing/ and skills/context-engine/ as detailed in the process section of SKILL.md.
  • Sanitization: Absent. The skill does not validate or sanitize external input before interpolating it into the prompt for script generation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 08:41 PM