story-driven-email-campaigns
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The content consists entirely of marketing frameworks and storytelling templates. There are no attempts to override system prompts, bypass safety filters, or use adversarial role-play patterns.
- [Data Exposure & Exfiltration] (SAFE): No commands or instructions exist to access sensitive files (like SSH keys or credentials) or transmit data to external domains.
- [Remote Code Execution] (SAFE): The skill does not include any download commands (curl, wget) or shell execution patterns.
- [Indirect Prompt Injection] (LOW): The skill possesses an attack surface as it processes user input from the 'Discovery & Planning Questions'.
- Ingestion points: User-provided answers to the 8 planning questions (e.g., audience demographics, brand stories).
- Boundary markers: Absent; the skill does not explicitly instruct the agent to ignore instructions embedded in the user's answers.
- Capability inventory: None; the skill is limited to text generation and lacks subprocess calls, network access, or file-writing capabilities.
- Sanitization: Absent; the skill does not specify validation for the user's input.
- [Dynamic Execution] (SAFE): No code generation, runtime compilation, or unsafe deserialization (pickle/yaml) is utilized.
Audit Metadata