marketing-plan
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its core functionality of processing external data.
- Ingestion points: According to
SKILL.mdandreferences/methodology.md, the skill reads all available materials provided by a user (stored in amaterials/directory) and fetches data from multiple external sources including Ahrefs, Google Analytics 4, and Stripe. - Boundary markers: The instructions do not define clear delimiters or provided specific 'ignore embedded instructions' directives to the agent for when it processes these external materials, increasing the risk of the agent following instructions hidden within the client data.
- Capability inventory: The skill is granted capabilities to read and write files within the user's home directory (
~/marketing-plans/) and interact with various business and marketing APIs. - Sanitization: There are no documented steps for the agent to sanitize, validate, or filter content from untrusted external documents or API responses before incorporating them into the final plan.
Audit Metadata