boring-content-strategy
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it instructs the agent to read and analyze copy-pasted content from the content/hits/ folder to identify winning patterns. Ingestion points: content/hits/ folder (SKILL.md). Boundary markers: Absent; there are no instructions to ignore or delimit embedded commands in the external hit files. Capability inventory: The agent has file-writing capabilities to the content/ directory (SKILL.md). Sanitization: Absent; no validation or escaping of the ingested hit content is performed before processing.
- [COMMAND_EXECUTION]: The skill requires the agent to interact with the local file system to manage content. Evidence: Instructions explicitly direct the agent to create a content/ directory structure and save generated content into individual markdown files organized by platform.
Audit Metadata