content-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill processes local files for analysis without external network calls or sensitive data access.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The provided script uses standard library Python modules (re, json, sys, typing). No evidence of remote code execution or untrusted package installation was detected.
- [Indirect Prompt Injection] (SAFE): The skill ingests untrusted data via text files for analysis. Risks are mitigated by the lack of exploitable capabilities such as network access or system-wide write permissions. * Ingestion points: scripts/brand_voice_analyzer.py reads content from a file path provided as a command-line argument. * Boundary markers: No delimiters or warnings are present in the script code. * Capability inventory: Capabilities are limited to local file reading, regular expression matching, and word/syllable counting. * Sanitization: No sanitization is performed on input text, but results are used for passive analysis only.
Audit Metadata