tgravity-work-mcn-brand-profile
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (
scripts/render_mcn_asset.py) to initialize brand profile skeletons. This script uses only standard Python libraries (pathlib, json, argparse) and includes a safety check to prevent writing files into the skill's own directory. - [PROMPT_INJECTION]: The skill processes untrusted user data (brand notes, budget hints, and contacts) to populate profiles, representing an indirect prompt injection surface (Category 8).
- Ingestion points: Raw user input and messy notes extracted into brand data as described in
SKILL.md. - Boundary markers: The skill uses a structured Markdown template (
assets/templates/mcn-brand-profile.md) and dedicated sections (e.g., 'Internal Remarks') to separate data types. - Capability inventory: The skill executes local Python scripts and performs file system writes to the user's project data directory (
tgravity-work-data/mcn/brands/). - Sanitization: The
render_mcn_asset.pyscript provides sanitization viasafe_slugfor filenames andjson.dumpsencoding for YAML frontmatter fields to ensure data integrity.
Audit Metadata