Skills
skills/megastep/codex-skills/blog-analyze/Gen Agent Trust Hub

blog-analyze

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to the ingestion and processing of untrusted content.
  • Ingestion points: SKILL.md defines input handling that includes reading local files and fetching content from arbitrary URLs via WebFetch.
  • Boundary markers: The 'Scoring Process' does not define specific delimiters (e.g., XML tags or triple quotes) or provide system-level instructions for the agent to ignore instructions embedded within the blog post.
  • Capability inventory: The skill possesses file system read access and network ingress capabilities via WebFetch.
  • Sanitization: There is no mention of input validation, sanitization, or escaping of the retrieved content before it is interpolated into the analysis prompt.
  • [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to download content from external, user-specified URLs as part of its primary blog auditing function.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 01:29 AM