content-factory-dispatcher
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The dispatcher skill creates an indirect prompt injection surface by consuming and processing the outputs of multiple sub-agents (e.g., data collectors, researchers, and writers) in a multi-step pipeline.
- Ingestion points: The agent reads data from
hotpool.json,topics.json, and various files in thedrafts/directory which are populated by other modules. - Boundary markers: Absent. The dispatcher lacks instructions to treat ingested data as untrusted or to ignore any embedded instructions within the content it processes.
- Capability inventory: The skill manages an orchestration loop that triggers other agent skills (such as
content-creatorandseo) and performs file operations within the~/clawd/projects/content-factory-agents/output/directory. - Sanitization: No sanitization or validation logic is defined to check the integrity of the data passed between stages in the Ralph CEO loop.
Audit Metadata