xhs-content-plan
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from an external platform.
- Ingestion points: Data enters the agent context via the
search_feedsandget_feed_detailtools described inSKILL.md. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the fetched content are present.
- Capability inventory: No high-risk capabilities such as subprocess execution, file writing, or arbitrary network operations were detected in the skill definition.
- Sanitization: No evidence of sanitization or filtering of the external feed content before processing was found.
Audit Metadata