Podcast Automation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes templates for show notes, social media posts, and RSS feeds that interpolate untrusted user data (e.g., episode_title, summary, guest_name). This represents a surface for indirect prompt injection where malicious input could influence generated content.\n
- Ingestion points: episode_config, show_notes_template, and rss_feed templates within SKILL.md.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present.\n
- Capability inventory: Tools such as podcast_publish and distribution_sync suggest the agent has capabilities for network and file operations.\n
- Sanitization: No input validation or sanitization logic is defined within the skill content.\n- [NO_CODE]: The skill consists entirely of markdown documentation and YAML configuration templates; it contains no executable scripts or code files.\n- [SAFE]: Analysis of the skill body and metadata reveals no hardcoded credentials, malicious remote code execution patterns, or unauthorized network operations.
Audit Metadata