blog-cannibalization

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it extracts and analyzes untrusted data from local files without sanitization or boundary markers.
      • Ingestion points: The agent reads content from titles, H1/H2 headings, and first paragraphs of files matching **/*.md, **/*.mdx, and **/*.html using the Read and Grep tools.
      • Boundary markers: There are no specified delimiters or instructions to ignore potential commands embedded in the processed text.
      • Capability inventory: The skill has access to Read, Grep, Glob, and WebFetch tools.
      • Sanitization: Extracted content is not sanitized or filtered before being passed to the language model for semantic analysis.
  • [DATA_EXFILTRATION]: The skill performs network operations to the DataForSEO API.
      • It uses WebFetch to interact with api.dataforseo.com, which is a well-known service provider for SEO data.
      • Credential management follows best practices by instructing the user to store the API login and password in environment variables rather than hardcoding them.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 02:44 AM