Skills
skills/shadowcz007/skills/article-drafts/Gen Agent Trust Hub

article-drafts

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The utility in scripts/patch-draft.js reads file content from the local filesystem and transmits it to https://www.mixdao.world. This is the intended behavior for submitting article drafts.
  • [COMMAND_EXECUTION]: The skill involves running Node.js scripts that perform file reads and network operations to interact with the MixDAO API.
  • [EXTERNAL_DOWNLOADS]: The scripts establish HTTPS connections to https://www.mixdao.world to fetch and update draft data.
  • [PROMPT_INJECTION]: The skill processes content from local files, creating a surface for indirect prompt injection.
  • Ingestion points: scripts/patch-draft.js reads data from files provided as CLI arguments.
  • Boundary markers: No delimiters or ignore-instructions warnings are used when handling file content.
  • Capability inventory: The skill utilizes fs.readFileSync for reading files and https.request for network communication.
  • Sanitization: No content validation or sanitization is performed on the data read from files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 10:29 AM