reddit-post-writer
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external sources and user inputs to generate content.
- Ingestion points: The skill processes user-supplied text in the
trigger_questionfield of the input schema and retrieves external content from Reddit threads using theweb_searchtool as described in Step 1 and Step 3 of the workflow. - Boundary markers: The prompt instructions do not include explicit delimiters or "ignore embedded instructions" warnings to prevent the agent from following instructions found within the
trigger_questionor the retrieved search results. - Capability inventory: The skill utilizes the
web_searchtool and generates text-based social media posts. It does not demonstrate capabilities for file system modification or arbitrary command execution. - Sanitization: There is no evidence of input validation or sanitization of the external content before it is interpolated into the generation prompt.
Audit Metadata