blog-writing-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the infsh/python-executor tool to run dynamically generated Python code for creating benchmark charts. While the provided example uses matplotlib for legitimate visualization, this pattern involves generating and executing code at runtime.
- [COMMAND_EXECUTION]: The skill employs infsh/html-to-image to render HTML and CSS into visual diagrams for architectural explanations.
- [PROMPT_INJECTION]: The skill is designed to ingest and process unstructured user data referred to as 'brain dumps' to generate blog posts, creating a surface for indirect prompt injection.
  - Ingestion points: User-provided 'brain dump' text processed in Part 2 and Part 3 of SKILL.md.
  - Boundary markers: Absent. The skill does not specify delimiters or instructions for the agent to ignore commands potentially embedded within the user-provided content.
  - Capability inventory: The skill has access to tools for command execution (infsh/python-executor) and image generation.
  - Sanitization: Absent. There is no logic defined to sanitize or validate the content of the brain dump before it is processed by the agent.