extract-ideas

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data which can contain malicious instructions intended to subvert the agent's logic (Indirect Prompt Injection).
    • Ingestion points: The skill reads YouTube transcripts, newsletter content, and web trends provided by the orchestrator or fetched via web search (SKILL.md, Step 1; substack-notes-ideation.md, Step 1).
    • Boundary markers: There are no explicit instructions to treat source material as data only or to ignore embedded instructions within the text.
    • Capability inventory: The skill uses the Agent tool to run sub-tasks in the background and calls other skills such as creator-stack:voice and creator-stack:brand-guidelines (SKILL.md, Voice Application/Brand Compliance).
    • Sanitization: No sanitization or validation logic is present to filter out potential prompt injection attacks hidden within the processed transcripts or web content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 01:33 AM