content-writer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface because it processes content from external web searches to research topics. However, this risk is inherent to the skill's primary function and is mitigated by the specific writing constraints provided.
- Ingestion points: External data enters the agent context via the
WebSearchandmcp__perplexity-ask__perplexity_asktools. - Boundary markers: No explicit delimiters or 'ignore embedded instructions' warnings are used for search results.
- Capability inventory: The skill is authorized to use
WriteandEdittools to modify local files. - Sanitization: There is no evidence of automated sanitization for retrieved web content.
- [COMMAND_EXECUTION]: The skill uses filesystem tools (
Read,Write,Edit,Grep,Glob) to manage article drafts. These operations are restricted to the intended workflow of creating and updating content as requested by the user. - [EXTERNAL_DOWNLOADS]: The skill references an external tool for information retrieval (
mcp__perplexity-ask__perplexity_ask). Perplexity is a well-known AI search service, and its use here is consistent with the skill's research-oriented purpose.
Audit Metadata