content-brief-factory
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute local Python scripts (catalog_site.py, scrape_reviews.py, scrape_reddit.py) to perform site cataloging and community data scraping.
- [EXTERNAL_DOWNLOADS]: Fetches data from well-known SEO service providers including SerpAPI, Serper.dev, DataForSEO, and ValueSERP, as well as scraping content from Reddit and software review platforms like G2 and Capterra.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing external web content.
  - Ingestion points: COMPETITOR_PAGES (via fetch_webpage), REDDIT_THREADS (via reddit-scraper), and PRODUCT_REVIEWS (via review-scraper).
  - Boundary markers: Absent. Instructions do not specify the use of delimiters or 'ignore' instructions for external data during the brief generation phase.
  - Capability inventory: The skill has access to shell command execution (subprocess), file writing for batch results, and network request capabilities.
  - Sanitization: No sanitization, filtering, or validation steps are defined for the data extracted from third-party websites before it is processed by the agent.
Audit Metadata