linkedin-writer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns or critical security vulnerabilities were identified in the skill files. The logic is strictly focused on collaborative content creation.
- [EXTERNAL_DOWNLOADS]: The skill integrates with Apify, a well-known automation platform, to fetch content from YouTube and URLs. It specifies the use of 'topaz_sharingan/Youtube-Transcript-Scraper-1' and 'apify/web-scraper' actors. These tools are used for source intake to provide material for the writing process. In accordance with trust rules for well-known services, this finding is documented neutrally.
- [INDIRECT_PROMPT_INJECTION]: The skill features a surface for indirect prompt injection as it ingests untrusted data from the web and video transcripts. However, the risk is mitigated by the fact that the agent's capabilities are limited to writing text artifacts and do not include sensitive system operations. Mandatory Evidence Chain:
- Ingestion points: YouTube and blog article content fetched via Apify actors or user input in 'SKILL.md' (Step 0).
- Boundary markers: The prompt lacks explicit delimiters or instructions to ignore commands within the fetched content.
- Capability inventory: Limited to creating markdown artifacts and performing web scrapes; no shell access, file-write to sensitive paths, or network exfiltration.
- Sanitization: No specific sanitization or filtering of external content is mentioned.
Audit Metadata