technical-blog-writing

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the infsh CLI via Bash to run applications for web searching (exa/search), image creation (infsh/html-to-image), and social media posting (x/post-create).
  • [EXTERNAL_DOWNLOADS]: Fetches installation guidelines from the inference-sh GitHub repository, which is a trusted source.
  • [REMOTE_CODE_EXECUTION]: Utilizes the infsh/python-executor to run a Python script that generates a benchmark chart. The script is statically defined in the skill and uses standard visualization libraries.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by ingesting data from the internet via the exa/search tool to assist in content research.
      • Ingestion points: External web content retrieved by the exa/search tool in SKILL.md.
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands within the searched content are present.
      • Capability inventory: Access to Bash and the ability to run multiple infsh applications (search, image generation, code execution, social posting).
      • Sanitization: No explicit sanitization or filtering of the external search output is implemented.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 16, 2026, 12:27 PM