content-pipeline
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes external content from user-provided topics and local draft files, passing this data to various sub-agents. This creates a surface for indirect prompt injection where instructions hidden in a draft could attempt to influence the behavior of the editorial or distribution agents.
- Ingestion points: User-provided topics and local draft file paths are read into the agent context.
- Boundary markers: No explicit delimiters or boundary markers are defined in the orchestration logic to isolate untrusted input.
- Capability inventory: The skill spawns sub-agents that have the capability to read/write files and execute logic based on their internal toolsets.
- Sanitization: No content sanitization or validation is applied to the ingested text before it is processed by the agents.
- [EXTERNAL_DOWNLOADS]: The installation instructions guide users to clone the author's repository from GitHub to set up the skill environment, which is a standard distribution method for custom tools.
Audit Metadata