Skills
skills/openclaw/skills/content-generation/Gen Agent Trust Hub

content-generation

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user input (topics and descriptions) to generate various content types, creating a surface for indirect prompt injection.
  • Ingestion points: Usage examples and quick actions in SKILL.md accept arbitrary user-provided text for generation.
  • Boundary markers: Absent; there are no explicit delimiters or instructions to the agent to ignore instructions embedded within the user input.
  • Capability inventory: The skill utilizes network access tools (curl, axios) and version control tools (git).
  • Sanitization: Absent; the skill does not define any validation or filtering logic for the input strings it processes.
  • [EXTERNAL_DOWNLOADS]: The skill installs the axios Node.js package and utilizes curl for remote data fetching as part of its content research capabilities.
  • [COMMAND_EXECUTION]: The skill requires access to system binaries including curl, jq, and git, allowing it to execute shell commands to interact with external APIs and manage repositories.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 02:47 AM