marketing-plan

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its core functionality of processing external data.
  • Ingestion points: According to SKILL.md and references/methodology.md, the skill reads all available materials provided by a user (stored in a materials/ directory) and fetches data from multiple external sources including Ahrefs, Google Analytics 4, and Stripe.
  • Boundary markers: The instructions do not define clear delimiters or provided specific 'ignore embedded instructions' directives to the agent for when it processes these external materials, increasing the risk of the agent following instructions hidden within the client data.
  • Capability inventory: The skill is granted capabilities to read and write files within the user's home directory (~/marketing-plans/) and interact with various business and marketing APIs.
  • Sanitization: There are no documented steps for the agent to sanitize, validate, or filter content from untrusted external documents or API responses before incorporating them into the final plan.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 06:26 PM
Security Audit — agent-trust-hub — marketing-plan