brand-voice
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted external data (user-provided content samples) without using delimiters or sanitization.
- Ingestion points: User-provided text samples in 'Mode 1: Content Analysis' and 'Mode 3: Voice Review'.
- Boundary markers: None; the instructions lack delimiters or specific 'ignore' commands for the user-provided text.
- Capability inventory: Local file system access for reading and writing markdown files in the 'brand-memory/' directory.
- Sanitization: No sanitization or validation of the input content is performed before analysis.
- [NO_CODE]: This skill does not ship with any executable scripts, binaries, or external dependencies. It relies entirely on markdown-based instructions to guide the agent through content analysis and file management using the agent's built-in capabilities.
Audit Metadata