Skills
skills/brianrwagner/ai-marketing-claude-code-skills/daily-briefing-builder/Gen Agent Trust Hub

daily-briefing-builder

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using tools like awk, find, grep, and sed to process local files and extract briefing information.- [EXTERNAL_DOWNLOADS]: Fetches current weather information from the well-known service wttr.in via a curl request.- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection as it processes untrusted content from the user's Obsidian vault.
  • Ingestion points: Reads data from markdown files in the user's vault at bambf/tracking/daily-actions/ and content/ready-to-post/.
  • Boundary markers: No specific delimiters or safety instructions are used to separate the extracted file content from the agent's instructions.
  • Capability inventory: The agent uses the bash tool for file system access and network operations.
  • Sanitization: The skill does not sanitize or escape the content read from files before formatting it into the final briefing output.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 11:29 PM