blog-brief
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from the internet.
- Ingestion points: External data enters the agent context via WebSearch and WebFetch tools during keyword research, competitive analysis, and statistics gathering (Steps 2, 3, and 4).
- Boundary markers: There are no specified delimiters or instructions to ignore embedded commands within the retrieved web content.
- Capability inventory: The skill is granted access to powerful tools, including Bash, Write, WebSearch, and WebFetch, which could be exploited if the agent follows instructions embedded in fetched content.
- Sanitization: No sanitization, filtering, or validation of the external content is performed before it is used to generate the blog brief.
Audit Metadata