podcast-studio
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown instructions. No scripts (Python, JS, Shell) or configuration files are provided.
- [DATA_EXFILTRATION] (SAFE): There are no commands for network access or reading sensitive local files.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes user text to create scripts, but lacks executable capabilities, neutralizing the risk of indirect injection. Evidence: 1. Ingestion points: User-provided text content; 2. Boundary markers: Absent; 3. Capability inventory: None; 4. Sanitization: Absent.
- [EXTERNAL_DOWNLOADS] (SAFE): Although Tone.js and Howler.js are mentioned in the description, no download commands or remote references are present in the skill code.
Audit Metadata