milan-jovanovic-blog
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests external blog articles, creating an attack surface where malicious instructions embedded in the content could influence the agent's behavior. * Ingestion points: Markdown files in the canonical/ directory sourced from milanjovanovic.tech. * Boundary markers: There are no delimiters in the script logic to separate content from instructions. * Capability inventory: The skill utilizes Bash, Read, and Grep tools, providing significant capabilities if hijacked. * Sanitization: The content_cleaner.py script removes promotional material but does not filter for malicious prompt injection patterns.
- External Downloads (LOW): The skill performs scraping operations targeting milanjovanovic.tech, which is not on the list of trusted external sources.
Audit Metadata