plan-issue
Fail
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: CRITICAL
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted user-provided materials like topics and transcripts without proper isolation. Ingestion points: User topics, transcripts, and URLs; Boundary markers: None; Capability inventory: Local file writing; Sanitization: None.
- [EXTERNAL_DOWNLOADS]: The skill uses a template file, 'references/linkedin.md', which has been flagged by security scanners for containing a phishing URL.
- [COMMAND_EXECUTION]: The skill writes to the file system using paths based on user input, which could lead to path traversal if the slugification is bypassed.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata