content-repurpose
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by processing untrusted data provided by the user (e.g., transcripts, blog posts, or external URLs).
- Ingestion points: User-supplied source content (transcripts, articles, talk notes) processed via the 'Input' section in SKILL.md.
- Boundary markers: Absent; there are no specific delimiters or instructions to ignore instructions embedded within the source content.
- Capability inventory: The skill is limited to text generation and localized reading of a business context file. It does not have access to tools for file writing, shell execution, or non-whitelisted network operations.
- Sanitization: Absent.
- [SAFE]: The skill reads a local file named 'BUSINESS_CONTEXT.md' to customize its output. This is a legitimate functional requirement for maintaining brand voice and does not target sensitive system configuration or credential files.
Audit Metadata