platforms-grokipedia
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed entirely of Markdown documentation and text-based templates. It does not include or reference any executable Python code, Node.js scripts, or shell commands.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it processes user-supplied data (brand names, URLs, and topics) and interpolates them into templates.
- Ingestion points: User-provided brand names, article topics, and website URLs are ingested in the 'Action' section templates (SKILL.md).
- Boundary markers: Absent; the skill does not use specific delimiters or guardrail instructions to isolate user-supplied strings within the generated output.
- Capability inventory: None; the skill lacks any capabilities for command execution, file system access, or network operations, which effectively neutralizes the functional risk of an injection attack.
- Sanitization: Absent; the templates do not perform escaping or validation on user-provided inputs.
- [SAFE]: No malicious patterns were identified. The external links target the platform described in the skill and informational news sources. The skill author uses the platform grokipedia.com as a primary resource, which is consistent with the stated purpose of the skill.
Audit Metadata