blog-02-write-post

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The skill is vulnerable to indirect prompt injection through its research phase.
      • Ingestion points: External data from the internet via the 'WebSearch' capability used in step 1.
      • Boundary markers: Absent. The instructions do not define delimiters or provide specific warnings to the agent to ignore instructions embedded within the retrieved web content.
      • Capability inventory: The agent has the capability to write files to the local file system (packages/blog/content/2.blog/).
      • Sanitization: Absent. There is no requirement for the agent to sanitize, escape, or validate the content retrieved from the web before using it to generate the blog post or code examples.
  • Data Exposure (LOW): The skill explicitly targets specific local directories (packages/blog/content/2.blog/). While this is within the scope of its stated purpose, it identifies a predictable path structure that could be targeted if an injection occurs.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 12:39 PM