card-news-copy-writer
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses local branding and voice configuration files such as
card-news-memory/series-config.mdandbrand-memory/voice-profile.mdto personalize the generated copy. These files are internal memory resources and do not contain sensitive system or user information. - [PROMPT_INJECTION]: A vulnerability surface for indirect prompt injection exists as the skill ingests data from user topics and historical copy files without explicit sanitization or boundary markers.
- Ingestion points: User-provided topic string and local
card-news-memory/copy-bank.mdfile content. - Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands in the ingested text.
- Capability inventory: The skill is restricted to generating structured markdown output for downstream processes and does not have command execution or network capabilities.
- Sanitization: Absent; the skill does not filter or escape the ingested content before processing.
Audit Metadata