create-post
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill manages legitimate workflow sequencing and local file operations within the episode directory, consistent with its documented purpose.
- [PROMPT_INJECTION]: The skill incorporates an indirect prompt injection surface by ingesting data from local planning files to provide context for content generation.
- Ingestion points: Reads video title and context from './youtube/episode/*/plan.md' during Step 0.
- Boundary markers: No specific delimiters or safety instructions are used when interpolating the file content into prompts.
- Capability inventory: The skill is restricted to local file read/write and internal skill orchestration; it lacks network access, shell command execution, or dynamic code evaluation capabilities.
- Sanitization: Input from the local filesystem is processed as raw text without explicit validation or sanitization.
Audit Metadata