content-calendar-sms
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access to sensitive system data were detected. The skill's behavior is consistent with its stated purpose.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection because it reads and processes data from an external context file that could be influenced by an attacker.
- Ingestion points: The file .agents/social-media-context-sms.md is read in full during the initialization phase (Step 1).
- Boundary markers: There are no specific delimiters or markers used to isolate the data read from the context file from the system's instructions.
- Capability inventory: The skill has the ability to create social media posts and fetch analytics data via tool calls to the BlackTwist MCP (Step 5 and Step 7).
- Sanitization: No validation or filtering is performed on the content of the context file before it is used to populate variables for the planning process.
Audit Metadata