technical-blog-writing
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes external search capabilities via the 'exa/search' tool to research blog topics. Content retrieved from the public internet may contain hidden instructions intended to manipulate the agent's output or behavior, a technique known as Indirect Prompt Injection.
- Ingestion points: Technical research data enters the context through the `infsh app run exa/search` command in `SKILL.md`.
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potential commands embedded within the retrieved search results.
- Capability inventory: The skill utilizes several powerful capabilities including shell command execution (`infsh`), Python script execution (`infsh/python-executor`), and social media interaction (`x/post-create`).
- Sanitization: The instructions do not define any validation or filtering mechanisms to process the external data before it is used in the blog generation process.
Audit Metadata