blog-calendar
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection via processed data.
- Ingestion points: The agent is instructed to scan existing blog posts (using
Globfor *.md, *.mdx, and *.html files) to gather context and perform content decay detection. - Boundary markers: The workflow does not define any delimiters or system instructions to ignore embedded prompts within the blog content it reads.
- Capability inventory: The skill is granted powerful capabilities including
Bash,Write,WebFetch, andWebSearchpermissions. - Sanitization: There are no sanitization, escaping, or validation steps described for the data ingested from the file system before it influences agent behavior.
Audit Metadata