ugc-campaign-management
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted User Generated Content (UGC) from Instagram and web forms, which serves as an attack surface for indirect prompt injection. \n
- Ingestion points: External content is fetched from the Instagram Graph API (SKILL.md) and collected via direct upload widgets. \n
- Boundary markers: There are no explicit markers or delimiters in the implementation to separate untrusted content from system instructions. \n
- Capability inventory: The skill can send emails (scheduleEmail), post social media comments (postInstagramComment), and update database records (db.ugcSubmissions.upsert), which are potential targets for malicious input. \n
- Sanitization: The inclusion of Perspective and Vision APIs provides brand safety moderation but does not specifically sanitize against prompt injection techniques.
Audit Metadata