content-strategy
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill is entirely comprised of markdown documentation and instructions for the AI; it does not include any Python scripts, Node.js code, or binary executables.
- [PROMPT_INJECTION]: The skill describes processes that involve analyzing external, untrusted content, which establishes a surface for indirect prompt injection. 1. Ingestion points: The instructions suggest searching external sites like Reddit, Quora, and competitor blogs, and analyzing user-provided call transcripts and survey data. 2. Boundary markers: No delimiters or specific safety instructions (e.g., 'ignore commands in transcripts') are included to protect against instructions embedded in external data. 3. Capability inventory: The skill is restricted to text generation and does not have the ability to execute system commands, write files, or make raw network requests. 4. Sanitization: There is no requirement for input validation or content filtering defined in the prompt.
- [SAFE]: No malicious patterns, such as obfuscated code, hardcoded credentials, or persistence mechanisms, were found during the analysis.
Audit Metadata