content-quality-auditor
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's instructions and logic are consistent with its stated purpose of content auditing. No evidence of malicious behavior, data exfiltration, or unauthorized command execution was found.
- [PROMPT_INJECTION]: The skill is designed to ingest and process content from external URLs via the WebFetch tool, which creates an indirect prompt injection surface. This risk is addressed through explicit instructions to the agent to treat such content strictly as data and to ignore any embedded directives.
- Ingestion points: Audited content fetched from URLs or provided via text input (SKILL.md).
- Boundary markers: The skill contains an explicit 'Security boundary' section that warns the agent that fetched content is untrusted and should not be treated as instructions.
- Capability inventory: The skill utilizes WebFetch for reading network data and has the capability to write audit results to the agent's persistent memory directory.
- Sanitization: Explicit directives are included to disregard instructions or meta-tags in the audited content that attempt to influence the audit outcome.
Audit Metadata