digest
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process untrusted external data, creating a potential surface for indirect prompt injection where malicious instructions could be embedded in the content being summarized.
- Ingestion points: The workflow in SKILL.md explicitly lists 'URL, feed, JSON' as input sources.
- Boundary markers: Absent. The instructions do not define delimiters or specific 'ignore instructions' guards for the external data.
- Capability inventory: None. The skill contains no executable scripts, system commands, or network operations of its own.
- Sanitization: Absent. No sanitization or validation logic is specified for the input data.
Audit Metadata