copywriter
Warn
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends adding a third-party plugin from an unverified repository (
coreyhaines31/marketingskills) using the command/plugin marketplace add. This introduces a supply chain risk as the recommended code is not managed by the skill's author or a trusted organization. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by reading and processing untrusted project files to determine brand guidelines.
- Ingestion points: Reads content from
.agents/SYSTEM/ARCHITECTURE.md,.agents/SOP/, and other project documentation. - Boundary markers: Absent. The skill does not implement delimiters or instructions to ignore embedded commands within the ingested files.
- Capability inventory: The skill generates user-facing copy, value propositions, and UI text.
- Sanitization: Absent. There is no evidence of validation or filtering for instructions hidden within the source documentation.
Audit Metadata