blogger
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security risks were detected in the provided files. The skill is purely instructional and lacks the capability to execute commands or access external resources.
- [DATA_EXPOSURE] (INFO): The skill contains references to external URLs for samwho.dev and joshwcomeau.com. These are static informational links used for stylistic analysis and do not facilitate automated data exfiltration.
- [NO_CODE] (SAFE): The skill is composed entirely of Markdown documentation. It does not include Python, JavaScript, or shell scripts, and it does not define any environment variables or package dependencies.
- [INDIRECT_PROMPT_INJECTION] (LOW): While the skill ingests user input to generate blog content, it lacks the 'write' or 'execute' capabilities necessary to pose a threat via indirect injection. The impact of a successful injection would be limited to the text output of the agent.
Audit Metadata