blog-writer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill instructions are purely task-oriented (blog writing, SEO) and do not contain any commands designed to bypass safety filters or override agent behavior.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network operations were found in the skill or its references.
- [Remote Code Execution / Dependencies] (SAFE): The skill does not include any scripts (Python, Node.js, Shell) or download any external packages.
- [Indirect Prompt Injection] (LOW): The skill is intended to process external "materials" or "notes" provided by the user. While this creates a surface for indirect prompt injection if the source material contains malicious instructions, the skill itself lacks the capabilities (like file writing or network requests) to execute harmful actions based on that input.
- Ingestion points: Processes user-provided "materials" and "bullet points" (SKILL.md).
- Boundary markers: None explicitly defined in the instruction set.
- Capability inventory: None; the skill is text-only and has no script-based capabilities.
- Sanitization: None specified.
Audit Metadata