ai-podcast-creation

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides templates for processing external documents into podcast scripts via Large Language Models. This creates an indirect prompt injection surface where untrusted content could attempt to subvert agent instructions.
    • Ingestion points: The 'NotebookLM-Style Content' section in SKILL.md demonstrates workflows that ingest raw document text into LLM prompts.
    • Boundary markers: The prompt templates do not employ specific delimiters or 'ignore' instructions to isolate the ingested content from the agent's primary system instructions.
    • Capability inventory: The skill is configured to allow the agent to execute any infsh command via the Bash tool.
    • Sanitization: The skill does not implement or recommend sanitization or escaping of input data before it is processed by the model.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 21, 2026, 01:40 AM