blog-repurpose
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted blog post content which is then used to generate social media outputs.
- Ingestion points: The skill uses the
Readtool in Step 1 to ingest the text of a blog post from the local file system. - Boundary markers: There are no explicit delimiters or system instructions provided to the agent to treat the blog content as non-executable data or to ignore embedded instructions.
- Capability inventory: The skill is permitted to use
Read,Write,Grep, andGlobtools. It lacks the ability to make network requests or execute system commands. - Sanitization: The skill does not perform any sanitization, filtering, or validation of the blog post content before processing it.
- [SAFE]: No evidence was found of data exfiltration, credential exposure, or remote code execution. The skill's operations are confined to the local environment and focused on content generation.
Audit Metadata