title-gen
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill instructions focus on standard text processing and natural language generation.
- [DATA_EXFILTRATION]: The skill references a local file at
./writing-workspace/styles/my_style.jsonto load user styling preferences. This access is limited to the expected workspace directory and does not target sensitive system paths, private keys, or credentials. - [PROMPT_INJECTION]: The skill ingests untrusted article content from the user (Ingestion Point). While there are no explicit boundary markers or sanitization routines mentioned, the skill's capability inventory is highly restricted to text generation and a specific JSON read. There are no tools available for network communication, shell execution, or file writing, which effectively neutralizes the risks associated with indirect prompt injection.
Audit Metadata