blog-post
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill manages files within the `blogs/` and `research/` directories. This is legitimate behavior for a writing assistant and no access to sensitive system paths or credentials was observed.
- [Indirect Prompt Injection] (LOW): The skill processes research findings saved to `research/[slug].md`.
  - Ingestion points: Reading `research/[slug].md` before writing the post.
  - Boundary markers: None specified for the content of the research file.
  - Capability inventory: File writing (`blogs/<slug>/post.md`), image generation (`generate_cover`).
  - Sanitization: No explicit sanitization of research content is mentioned. While an attacker could theoretically poison a research source, this is a standard risk for research-oriented skills and lacks direct exploitability within the skill logic.
- [Remote Code Execution] (SAFE): The skill does not perform any external package installations or execute remote scripts. It relies on platform-provided tools (`task`, `generate_cover`).
Audit Metadata