content-engine
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its core workflow of analyzing external web content to generate new drafts.\n
- Ingestion points: Phase 1 (Research) uses
web_searchto ingest competitor articles and "People Also Ask" snippets from the open internet into the agent's context.\n - Boundary markers: The skill instructions lack delimiters or explicit safety directives to ensure the agent ignores instructions embedded within the analyzed competitor content.\n
- Capability inventory: The skill possesses the capability to write files to the local workspace and interact with external publication tools like WordPress, Notion, and Mixpost if those skills are available.\n
- Sanitization: There is no evidence of sanitization or validation of the retrieved web content before it is processed in the drafting and optimization phases.
Audit Metadata