blog-outline

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses WebSearch and WebFetch to gather information from the top 5 search results for a given keyword. This involves downloading content from external, untrusted web sources.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool specifically to create the outlines/ directory if it does not already exist, which is a standard file system operation.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection.
      • Ingestion points: Untrusted content is ingested from external web pages via WebSearch and WebFetch in Step 2.
      • Boundary markers: There are no explicit instructions to use delimiters or ignore embedded instructions within the fetched content.
      • Capability inventory: The skill has the ability to write files, execute system commands, and perform network operations.
      • Sanitization: No sanitization or validation logic is defined to filter malicious instructions embedded in the search results.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 26, 2026, 11:10 PM