LinkedIn Automation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines automation templates for engagement and outreach that interpolate untrusted external data from LinkedIn. • Ingestion points: External content enters the agent context via variables such as {{answer}}, {{insight}}, and {{topic}} in the outreach and engagement templates defined in SKILL.md. • Boundary markers: The skill does not use explicit delimiters or specific instructions to isolate or ignore potential commands within the external content. • Capability inventory: The skill possesses write capabilities through the linkedin_post and linkedin_message tools, which could be misused if an injection occurs. • Sanitization: No sanitization, validation, or filtering logic is specified for the external inputs before they are interpolated into the prompt templates.
- [NO_CODE]: The analyzed skill consists exclusively of markdown documentation and YAML configuration, with no executable Python, Node.js, or binary files included.
Audit Metadata