blog-analyze
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE [PROMPT_INJECTION]
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external URLs and local files without implementing security boundaries. An attacker could embed instructions within a blog post to subvert the agent's analysis or output.
  - Ingestion points: SKILL.md specifies fetching content from URLs and reading local files/directories.
  - Boundary markers: Absent. The instructions do not provide delimiters or warnings to treat the extracted content strictly as data.
  - Capability inventory: The agent has the ability to read local files and perform network requests via WebFetch.
  - Sanitization: Absent. Content is parsed directly for linguistic patterns and data without validation or sanitization steps.
Audit Metadata