my-content-digest
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted external data (YouTube transcripts, tweets), which creates a surface for indirect prompt injection.
- Ingestion points: Content is received from the output of the 'fetch' skill or direct user input as described in the workflow.
- Boundary markers: The instructions do not define clear delimiters (e.g., XML tags or triple quotes) to separate the untrusted content from the agent's logic.
- Capability inventory: The skill utilizes
AskUserQuestionto interact with users but does not demonstrate direct file-system or network access in the provided instructions. - Sanitization: There is no mention of sanitizing or validating the ingested content to prevent embedded instructions from overriding the agent's behavior.
Audit Metadata