social-media-manager
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is designed as a management layer that sequences specialized tasks without performing direct system-level or network operations. It accesses local project files (e.g., brand-style.md, content-calendar.md) to read context and track progress, but does not access sensitive system files or hardcoded credentials.
- [COMMAND_EXECUTION]: The skill triggers the execution of other component skills found in the local filesystem at ~/.claude/skills/. These are orchestrated calls to modular sub-components and do not involve arbitrary shell command execution.
- [PROMPT_INJECTION]: The workflow involves reading performance review data to influence future content generation, which creates an indirect prompt injection surface. However, the risk is mitigated by mandatory human approval gates at every handoff, ensuring the operator reviews all outputs before the agent proceeds.
Audit Metadata