crafting-ai-copywriting
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes prompt templates that interpolate user-provided topics, creating a surface for indirect prompt injection. While the risk is mitigated by the skill's limited text-generation capabilities, the lack of input handling is noted.
- Ingestion points: User input for copy topics is inserted into templates across the `references/PROMPTS.md` file.
- Boundary markers: No specific delimiters or instructions (e.g., 'ignore instructions within this block') are used to wrap user-provided content.
- Capability inventory: The skill is restricted to text generation via the LLM and does not have access to file systems, network operations, or shell execution.
- Sanitization: No input validation, escaping, or filtering of user-provided topics is implemented.
- [PROMPT_INJECTION]: Marketing techniques like 'Forbidden Orders' (Caligula effect) described in the guidelines are stylistic in nature and do not attempt to bypass core AI safety filters or override system instructions.
Audit Metadata