content-calendar
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill retrieves data from the internet via WebSearch and WebFetch tools, which creates a vulnerability surface for indirect prompt injection.
- Ingestion points: Web research results used to build the content calendar in SKILL.md.
- Boundary markers: Absent. The skill does not provide instructions to isolate or ignore potentially malicious commands within the external web data.
- Capability inventory: The skill is configured with file manipulation tools including Write, Edit, Grep, and Glob in SKILL.md.
- Sanitization: Absent. There are no content filtering or validation steps defined for the data retrieved from external sources.
Audit Metadata