research
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions and reference frameworks align with its stated purpose of providing content research and strategic planning without engaging in malicious activities.
- [PROMPT_INJECTION]: The skill processes untrusted external data from web searches and competitor content, which establishes a theoretical surface for indirect prompt injection. However, this is inherent to the skill's primary function of research.
- Ingestion points:
SKILL.md(Step 2 and 3) describes gathering data from web searches and YouTube Analytics regarding existing content and competitors. - Boundary markers: The prompt does not specify the use of delimiters or instructions for the agent to ignore embedded commands within the researched material.
- Capability inventory: The skill has the ability to write findings to a research document, invoke subagents via the
Tasktool, and call other skills such aswriting:voiceandbranding-kit:brand-guidelines. - Sanitization: There is no evidence of sanitization or validation of the external content before it is processed or written to the output file.
- [EXTERNAL_DOWNLOADS]: The skill contains numerous references to well-known social media strategy and marketing platforms (e.g., vidIQ, Buffer, Hootsuite, Sprout Social) in its reference files. These are informational links to external articles and do not involve remote code execution.
Audit Metadata