content-repurposer
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process untrusted external data.\n
- Ingestion points: The skill takes "any source content" such as newsletters, podcasts, or articles as input for transformation, as specified in the SKILL.md file.\n
- Boundary markers: The instructions do not define or use robust boundary markers or delimiters to isolate the untrusted source content from the agent's core instructions.\n
- Capability inventory: The skill's capabilities are limited to text generation, template application, and routing to platform-specific sub-agents or tools (e.g., nano-banana-image-generator). There are no capabilities for network requests, file system modification, or command execution.\n
- Sanitization: There is no mention of sanitization or filtering of the input source content to prevent potentially malicious instructions embedded in the text from influencing the agent's behavior.
Audit Metadata