content-management
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No prompt injection patterns were detected. The skill's instructions are purely functional and oriented toward content management tasks without attempting to override safety guidelines.
- [SAFE]: Data handling is documented with a strong focus on security. The 'SECURITY.md' file includes detailed protocols for XSS prevention, SVG sanitization, and file upload validation.
- [SAFE]: Command execution is limited to local Node.js test scripts used to validate the skill's structure and agents. These scripts do not process untrusted external input.
- [SAFE]: The skill documentation includes comprehensive guidelines for API key management and secret storage, emphasizing the use of environment variables and rotation rather than hardcoding credentials.
- [SAFE]: Indirect prompt injection surfaces exist due to the processing of user-provided briefs and external content, but the skill explicitly addresses this risk through mandatory sanitization and validation workflows outlined in the operations and security guides.
Audit Metadata