optimize-issue
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function involves processing untrusted user input (drafts and outlines), which introduces a vulnerability surface for indirect prompt injection.
- Ingestion points: User-supplied content is ingested and assessed in
SKILL.md(Step 1 and Step 2). - Boundary markers: The instructions do not specify any delimiters or boundary markers to separate user-provided content from the prompts passed to foundation skills.
- Capability inventory: The skill orchestrates several content generation and analysis capabilities, including draft generation via
writing:copywriting, subject line creation viacontent-strategy:title, and hook drafting viacontent-strategy:hook. - Sanitization: No input sanitization or filtering is performed on the user-provided drafts before they are processed by foundation skills.
Audit Metadata