tgravity-work-mcn-brand-profile

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled Python script (scripts/render_mcn_asset.py) to initialize brand profile skeletons. This script uses only standard Python libraries (pathlib, json, argparse) and includes a safety check to prevent writing files into the skill's own directory.
  • [PROMPT_INJECTION]: The skill processes untrusted user data (brand notes, budget hints, and contacts) to populate profiles, representing an indirect prompt injection surface (Category 8).
  • Ingestion points: Raw user input and messy notes extracted into brand data as described in SKILL.md.
  • Boundary markers: The skill uses a structured Markdown template (assets/templates/mcn-brand-profile.md) and dedicated sections (e.g., 'Internal Remarks') to separate data types.
  • Capability inventory: The skill executes local Python scripts and performs file system writes to the user's project data directory (tgravity-work-data/mcn/brands/).
  • Sanitization: The render_mcn_asset.py script provides sanitization via safe_slug for filenames and json.dumps encoding for YAML frontmatter fields to ensure data integrity.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 08:01 AM
Security Audit — agent-trust-hub — tgravity-work-mcn-brand-profile