article
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill instructs the installation of
@anthropic-ai/claude-clivia NPM andgoogle-generativeaivia Pip. Both packages originate from trusted organizations (Anthropic and Google), which downgrades the severity of these external dependencies per the trust-scope rule. - COMMAND_EXECUTION (LOW): The skill utilizes shell commands (
claude,gemini) to perform its primary function of article generation. This is appropriate for its stated purpose. - PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) due to the way it handles external data.
- Ingestion points: The skill reads external content from
draft.mdand accepts various user-provided placeholders like[topic],[task], and[feedback]. - Boundary markers: No delimiters or "ignore embedded instructions" warnings are used when interpolating file content into prompts.
- Capability inventory: The skill executes AI generation commands that could be influenced by malicious instructions embedded within the
draft.mdfile. - Sanitization: There is no evidence of sanitization or escaping of the
$ARTICLEvariable before it is passed to the shell-based CLI commands.
Audit Metadata