article-title-generator

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The skill ingests untrusted text and file content without boundary markers or instructions to disregard embedded commands.
      • Ingestion points: The content and file arguments of the /generate-titles command.
      • Boundary markers: Absent; input is treated as raw text.
      • Capability inventory: Facilitates reading local filesystem paths via the agent's core capabilities.
      • Sanitization: None provided in the skill instructions to prevent the agent from following instructions embedded within the processed content.
  • Data Exposure (LOW): The skill encourages reading local files via user-provided paths, which could lead to exposure of sensitive information if the agent's file-reading scope is not restricted.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 01:08 PM