writing-zenn-articles
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the agent to fetch external data from zenn.dev, zenn.dev/trending, and zenn.dev/topics/. These are well-known technology services and the usage is consistent with the skill's purpose of trend research.- [COMMAND_EXECUTION]: The workflow requires executing several local shell commands, including ls, mkdir, pnpm exec, and pnpm run. These are used for article management and running quality checks within the local environment.- [PROMPT_INJECTION]: The skill processes untrusted user-generated content from external Zenn URLs to influence the agent's content creation suggestions.
- Ingestion points: Trending articles and topic statistics are fetched from zenn.dev and zenn.dev/trending (INSTRUCTIONS.md).
- Boundary markers: No specific delimiters or warnings are used to prevent the agent from obeying instructions that might be embedded in the fetched article titles.
- Capability inventory: The agent can execute shell commands (pnpm, ls, mkdir) and write files to the local directory (INSTRUCTIONS.md).
- Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external URLs before it is processed.
Audit Metadata