content-marketing
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill contains explicit instructions in SKILL.md and references/INTAKE.md to 'Never request secrets or credentials' and 'Do not request credentials, private analytics access, or PII.' This follows best practices for handling sensitive environments.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external code dependencies, package installations, or remote script executions were detected. The skill operates entirely through structured prompting and markdown templates.
- [Indirect Prompt Injection] (LOW): The skill processes user-provided inputs like product descriptions and ICP data. While this presents a surface for indirect injection, the skill includes a 'Quality Gate' and 'Human-in-the-loop' SOPs in references/WORKFLOW.md and references/RUBRIC.md that require human review of all outputs, mitigating the risk of executing or obeying embedded malicious instructions.
- [Dynamic Execution] (SAFE): There are no patterns of runtime code generation or unsafe deserialization. The logic is based on static templates provided in the references/ directory.
- [Privilege Escalation] (SAFE): No administrative commands (sudo, chmod, etc.) are present in the skill files.
- [Prompt Injection] (SAFE): The instructions do not contain markers for bypassing safety filters or overriding system instructions. It uses natural instructional language to guide the agent's behavior.
Audit Metadata