ideate
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted external data to generate content ideas.
- Ingestion points: YouTube transcripts, newsletter issues, and web trend findings (SKILL.md, Step 1).
- Boundary markers: Absent; the skill provides no explicit delimiters to isolate external source material from its instruction set.
- Capability inventory: The skill utilizes subagent orchestration via the Task tool and invokes external skills such as writing:voice and branding-kit (SKILL.md, Ideation Subagents section).
- Sanitization: Absent; there are no instructions for sanitizing or validating external input before processing.
- [SAFE]: No hardcoded credentials, sensitive file access, or unauthorized network communication patterns were identified. The workflow relies on standard agent tool calls for web search and internal skill orchestration.
Audit Metadata