article-queue
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes data from external files which could contain malicious instructions if the file source is compromised.
- Ingestion points: Reads queue data from
~/.claude/article-queue.mdand.claude/article-queue.md. - Boundary markers: Absent; the skill parses list items directly and does not employ delimiters to isolate data from instructions.
- Capability inventory: File system read/write access and the ability to trigger the
/articleworkflow using data extracted from the queue files. - Sanitization: Absent; topic strings are used as inputs for subsequent agent actions without validation or escaping.
Audit Metadata