file-to-article-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to indirect prompt injection through the processing of untrusted user-uploaded data.
  - Ingestion points: Content is extracted from user-provided PDF, Word, and image files via the `parse_file` script.
  - Boundary markers: The generative prompts described in `SKILL.md` lack explicit delimiters (like XML tags) or instructions for the AI to ignore instructions embedded within the extracted text.
  - Capability inventory: The agent can execute Python scripts and write files to the local `output/` directory, providing a surface for further exploitation if the LLM is subverted.
  - Sanitization: There is no mention of content validation or sanitization of the extracted text before it is interpolated into the generation templates.
Audit Metadata