blog-schema
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests and processes text from blog posts to populate schema fields, identifying a surface for indirect prompt injection. Ingestion points: Extracts metadata from blog files and frontmatter (Step 1). Boundary markers: None identified to delimit or isolate extracted content. Capability inventory: Read, Write, Grep, and Glob tools (Frontmatter). Sanitization: No explicit validation or sanitization of extracted data is defined before interpolation into JSON templates.
- [EXTERNAL_DOWNLOADS]: The skill references image assets from Pixabay, which is a well-known and reputable stock photography service.
Audit Metadata