article-producer
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill ingests untrusted source material and processes it through an automated pipeline with file-writing capabilities.
  - Ingestion points: External source material saved as source-x.md.
  - Boundary markers: None present; the skill lacks delimiters or instructions to ignore commands within the source text.
  - Capability inventory: File system access to create directories and write multiple markdown files.
  - Sanitization: None specified; content is passed directly to analysis and writing sub-skills.
- [Command Execution] (LOW): The skill performs automated file system operations including directory creation and markdown file writing. This is a necessary but privileged set of actions that increases the potential impact of a successful indirect prompt injection attack.
Recommendations
- AI detected serious security threats