topic-reviewer
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted content from 'output/generated_topics' and transforms it into 'revision_instructions' for downstream agents. (1) Ingestion points: Reads topic data from 'output/generated_topics'. (2) Boundary markers: Absent; the skill does not use delimiters or explicit instructions to ignore commands embedded within the reviewed topics. (3) Capability inventory: Performs file system read and write operations within the 'output/' directory. (4) Sanitization: Absent; the skill does not validate or filter topic content before interpolating it into the review output.
Audit Metadata