reply-writer
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external content, including original posts and existing replies from Reddit, which creates an attack surface for indirect prompt injection.\n
- Ingestion points: SKILL.md (Step 1: Gather Inputs
- Original post, Top existing replies).\n
- Boundary markers: The skill does not define explicit delimiters or instructions to ignore embedded commands within the processed external data.\n
- Capability inventory: There are no high-risk capabilities such as network operations, file system access, or command execution defined within the skill.\n
- Sanitization: The skill lacks explicit sanitization, validation, or filtering mechanisms for the external inputs prior to processing.
Audit Metadata