linkedin-post-generator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, such as credential theft or unauthorized network communication, were detected. The skill's external references point to legitimate vendor resources (sas-am.com).
- [NO_CODE]: The skill is implemented entirely through markdown-based prompts and templates. It does not include executable scripts (Python, Node.js, or Shell), which eliminates the risk of code-based attacks within the skill package itself.
- [INDIRECT_PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection as it ingests untrusted user content and website articles to generate content and tool prompts.
- Ingestion points: Processes user-provided topics, briefs, and full website articles via the Input and Interview sections in SKILL.md.
- Boundary markers: The instructions do not define the use of specific delimiters or 'ignore' instructions for the processed external content.
- Capability inventory: Utilizes the Task tool for subagent orchestration and the Skill tool to call nano-banana-2 for image generation.
- Sanitization: No explicit input validation or sanitization routines are specified in the workflow.
Audit Metadata