content-repurposing
Warn
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and directs the user to download installation instructions and software from an external GitHub repository (raw.githubusercontent.com/inference-sh/skills). This source is not categorized as a trusted organization or well-known service.
- [COMMAND_EXECUTION]: The skill instructs the user to install additional agent skills from an external repository using npx (npx skills add inference-sh/skills@...). This involves downloading and executing packages from a third-party source.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality. Ingestion points: It processes untrusted long-form content such as blog posts and podcast transcripts (SKILL.md). Boundary markers: The provided templates lack explicit delimiters or instructions to ignore instructions embedded within the processed content. Capability inventory: The skill has the ability to post data to social media platforms via the 'infsh app run x/post-create' tool (SKILL.md). Sanitization: There is no evidence of input validation or sanitization before the processed content is passed to external tools.
Audit Metadata