content-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The core workflows involve executing local Python scripts (e.g., seo_optimizer.py) using command-line arguments derived from user input, such as keywords. If the agent fails to sanitize these strings before interpolation, it could lead to command injection.
- PROMPT_INJECTION (LOW): The skill processes untrusted external content (Category 8) to provide brand analysis and SEO recommendations. The lack of explicit boundary markers or content sanitization for the analyzed text files could allow embedded instructions to influence the agent's subsequent reasoning or output. Mandatory Evidence Chain: 1. Ingestion points: User-provided text files like existing_content.txt and blog_post.md. 2. Boundary markers: Absent in the workflow definitions. 3. Capability inventory: Local Python script execution and file system operations (cp, grep). 4. Sanitization: No sanitization or validation logic is specified in the instruction file.
Audit Metadata