social-media-posts
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A comprehensive review of the skill's instructions, metadata, and workflows revealed no malicious patterns, such as obfuscation, credential exfiltration, or unauthorized command execution.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8) because it is designed to read and repurpose external content from user-provided file paths or URLs. This is a core functional requirement and is considered low risk given the skill's limited capabilities.
- Ingestion points: The workflow specifies reading 'Topic or source content' from user-provided paths or URLs in
SKILL.md. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to isolate or ignore potentially malicious commands embedded within the ingested source material.
- Capability inventory: The skill is granted access to standard file system tools including
Read,Write,Glob, andGrep, which are used to process content and save results to a local directory (.jez/artifacts/). - Sanitization: The instructions do not define any sanitization or validation routines for the external content before it is processed by the agent.
Audit Metadata