essay-brief
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface. The skill ingests untrusted user content (notes and answers) and interpolates them into a generated markdown file without sufficient protection.
- Ingestion points: User-provided essay notes and conversational answers across six phases are used to populate the 'Raw Material' and 'Core Intent' sections.
- Boundary markers: Absent. There are no specific delimiters (like triple quotes or XML tags) or instructions to the agent to treat user content as data-only.
- Capability inventory: The skill instructions involve generating a local markdown file ('essay-brief.md'). No system command execution, network requests, or sensitive file access capabilities are requested or used.
- Sanitization: Absent. The skill summarizes or pastes raw user input directly into the final output brief.
- NO_CODE (SAFE): The skill contains only Markdown instructions and does not include any Python, Node.js, or shell scripts, significantly reducing the attack surface.
Audit Metadata