tistory-tech-blog
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is content generation and formatting for technical blogs. No malicious patterns or security risks were detected in the instructions or reference files.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The file references/code-blocks.md contains links to highlight.js hosted on Cloudflare's CDN (cdnjs.cloudflare.com). This is a well-known service provided as a helpful resource for the user's blog output and does not represent an exfiltration risk for the agent itself.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests user topics and interpolates them into markdown templates and file names (e.g., {주제}-{날짜}.md). This is a standard functional requirement for a writing assistant and does not present an elevated risk as it lacks dangerous downstream capability chains.
Audit Metadata