content-brief
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The methodology requires the agent to ingest and process data from untrusted external websites.
- Ingestion points: Step 2 (SERP Analysis) and Step 1.3 (People Also Ask) involve reading external web pages.
- Boundary markers: The skill lacks delimiters or instructions (e.g., 'ignore embedded commands') to separate external data from agent instructions.
- Capability inventory: The agent performs web search (read) and template-based brief generation (write).
- Sanitization: No sanitization or validation of external content is described in the methodology.
- [No Code] (SAFE): The skill consists entirely of markdown templates and documentation; no scripts, binaries, or installation manifests are present.
Audit Metadata