newsletter-publishing
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of informational templates and standard Python logic. No malicious behavior was detected.
- [DATA_EXPOSURE]: There are no hardcoded credentials, API keys, or access to sensitive local files. The use of MD5 in the Python snippet is for generating non-sensitive subscriber IDs.
- [REMOTE_CODE_EXECUTION]: The Python snippets provided use only standard libraries (dataclasses, hashlib, random, etc.) and do not perform network requests, file system writes, or shell command execution.
- [PROMPT_INJECTION]: The instructions are focused on newsletter workflows and do not contain any attempts to override system prompts or bypass safety filters.
- [INDIRECT_PROMPT_INJECTION]: While the skill uses templates with placeholders (e.g., {{content}} in SKILL.md), it does not automatically ingest untrusted external data or possess capabilities that could be exploited via injection.
Audit Metadata