generate-cover-prompt
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists entirely of natural language instructions and does not contain any executable code, shell scripts, or system commands.
- [EXTERNAL_DOWNLOADS]: The skill references jimeng.jianying.com, which is a well-known AI image generation platform provided by ByteDance. This link is intended for user redirection to a legitimate service and does not involve automatic downloads or execution.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes article titles and content from the context (SKILL.md, Workflow Step 1) without utilizing sanitization or explicit boundary markers. However, the risk is negligible because the skill does not have any sensitive capabilities (such as network exfiltration, file system access, or code execution) that could be leveraged by an attacker.
Audit Metadata