seo-content-brief
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and processing untrusted data from the web.\n
- Ingestion points: Data enters the agent's context from external URLs and search results via the 'infsh app run tavily/extract' and 'exa/search' tools (SKILL.md).\n
- Boundary markers: The skill's templates lack explicit boundary markers or instructions to disregard embedded commands in the retrieved content.\n
- Capability inventory: The skill has the 'Bash(infsh *)' capability, allowing it to execute various CLI-based applications (SKILL.md).\n
- Sanitization: No sanitization or validation of the ingested external content is performed before it is used to construct content briefs.
Audit Metadata