blog-rewrite
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
greputility to scan headings and metadata across the blog directory for keyword cannibalization checks. It also accesses local files through relative paths (e.g.,../blog/references/) to retrieve internal quality rubrics. - [EXTERNAL_DOWNLOADS]: Conducts web searches to find statistics and images, and performs HTTP status checks to verify connectivity to external URLs from well-known platforms such as Pixabay and Unsplash.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and processing untrusted blog content and external research data.
- Ingestion points: Reads user-provided blog files and data retrieved from web search results into its context.
- Boundary markers: No explicit delimiters or boundary markers are documented to isolate external content from agent instructions.
- Capability inventory: The skill has permissions for file system read/write operations, shell command execution via grep, and network connectivity verification.
- Sanitization: No explicit mechanisms for sanitizing or validating ingested content are mentioned in the workflow.
Audit Metadata