newsletter
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions are focused entirely on creative writing, strategy, and content optimization. There are no executable scripts, binaries, or commands that interact with the host system in a dangerous manner.
- [DATA_EXPOSURE]: The skill reads from a local directory named
brand-memory/to access files likevoice-profile.mdandaudience.md. This is a standard functional requirement for personalizing the agent's output and does not target sensitive system files or credentials. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input in the form of user-provided topics, source content, and past newsletter issues.
- Ingestion points: Files in
brand-memory/and user-provided text during the 'Write' and 'Optimize' modes. - Boundary markers: Not explicitly defined in the instructions.
- Capability inventory: Limited to text generation, reading specific markdown files, and writing generated newsletter drafts to the local directory.
- Sanitization: No specific sanitization or filtering of input content is mentioned.
- Risk Assessment: Because the skill lacks network access or high-privilege execution capabilities, the risk of a successful injection leading to significant harm is negligible.
Audit Metadata