resonance-copywriter
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the run_command tool to run a local script scripts/banned_phrase_scan.py for analyzing text. This sequence creates a risk of command injection if untrusted user text is passed as a command-line argument.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection vulnerability surface. 1. Ingestion points: External AI-generated text is processed for humanization as described in SKILL.md. 2. Boundary markers: No delimiters are used to isolate user content. 3. Capability inventory: The skill provides access to run_command and various file editing tools. 4. Sanitization: The provided linting script does not sanitize for executable logic or prompt overrides.
- [PROMPT_INJECTION]: The references/entropy_protocol.md file provides instructions to bypass AI detection mechanisms by using stylistic obfuscation techniques.
Audit Metadata