x-content-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE] (SAFE): The skill does not access sensitive system files (e.g., SSH keys, environment variables) or hardcode any API credentials. It operates only on the content provided by the user and its own internal reference file.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no commands to download or execute external scripts, install packages (npm/pip), or use dynamic execution functions like eval() or exec().
- [COMMAND_EXECUTION] (SAFE): No shell commands or system-level process spawning were found. The workflow is restricted to text processing and tool calls (WebSearch).
- [PROMPT_INJECTION] (LOW):
- Ingestion points: The skill ingests untrusted text from users via direct input or markdown files (Step 1).
- Boundary markers: The instructions do not define specific delimiters (like XML tags) to separate user content from the system prompt, though it uses structured workflow steps.
- Capability inventory: Uses
WebSearchand can potentially modify local files if the user approves changes. - Sanitization: No explicit sanitization of user input is mentioned. This presents a surface for indirect prompt injection where a malicious tweet could attempt to redirect the agent's behavior, though this is a common risk for text-processing skills and not a malicious feature of the skill itself.
Audit Metadata