blog-post-writer
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE (NO_CODE)
Full Analysis
- [NO_CODE] (SAFE): The skill consists exclusively of Markdown instructions and reference files. It does not include any Python, Node.js, or shell scripts, which eliminates the risk of Remote Code Execution (RCE) or malicious dependency attacks.
- [DATA_EXFILTRATION] (SAFE): No network operations (e.g., curl, fetch) or external URLs are present in the skill workflow. The skill only interacts with user-provided text and its own bundled resources.
- [COMMAND_EXECUTION] (SAFE): While the reference documents mention technical tools (e.g., 'npm test', 'rg'), they are used as stylistic examples for the writing persona and are not instructions for the agent to execute on the host system.
- [PROMPT_INJECTION] (SAFE): The skill processes untrusted user data (the 'brain dump'). While it lacks explicit sanitization or boundary markers, it also lacks any dangerous capabilities (network access, file modification) that could be exploited via injection. Evidence Chain for Category 8:
  1. Ingestion points: User-provided brain dump (SKILL.md).
  2. Boundary markers: Absent.
  3. Capability inventory: None (text generation only).
  4. Sanitization: Absent.