blog-audit
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs legitimate analysis of blog posts, including quality scoring, SEO validation, and link health checks. It includes a built-in filter to exclude sensitive files like package.json and LICENSE from the audit process.
- [PROMPT_INJECTION]: The skill processes untrusted content from blog files which presents an indirect injection surface where content-embedded instructions could potentially influence the auditing agents.
  - Ingestion points: Local blog files (*.md, *.mdx, *.html) in project subdirectories.
  - Boundary markers: No specific delimiters or instructions to ignore embedded content are used.
  - Capability inventory: Reads local filesystem, spawns subagents via the Task tool, and writes a report to blog-audit-report.md.
  - Sanitization: The skill analyzes raw file content without explicit sanitization steps.
Audit Metadata