pmm
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates data from an external library and user-provided inputs into content generation prompts.
- Ingestion points: Content is fetched from the library using tools such as get_entity and search_knowledge_base in SKILL.md.
- Boundary markers: The skill does not employ explicit delimiters or instructions to treat library-sourced content as untrusted data, which could allow instructions embedded in that data to influence the AI output.
- Capability inventory: The skill has the ability to generate various types of marketing content using the generate_content and generate_email tools.
- Sanitization: No evidence of sanitization or filtering of the retrieved library data or user inputs before processing was found.
Audit Metadata