aeo-content-strategy
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown-formatted instructions and does not include any scripts, binaries, or configuration files.
- [PROMPT_INJECTION]: The skill is designed to fetch and analyze data from public forums, which introduces a potential surface for indirect prompt injection attacks.
- Ingestion points: The 'Reddit/Quora Community Scan' phase (Phase 1) and 'Signal Analysis' phase (Phase 2) in SKILL.md involve reading untrusted data from external websites.
- Boundary markers: Absent; the instructions do not specify delimiters or constraints to ensure the agent ignores instructions potentially embedded within the ingested community posts.
- Capability inventory: The skill is limited to content analysis and report generation; it does not perform file-system writes, subprocess execution, or arbitrary network operations beyond searching the web.
- Sanitization: Absent; there are no instructions to sanitize or filter strings from external sources before processing.
Audit Metadata