utils-add-bitly-links-to-database
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it extracts and stores arbitrary user-provided text into a persistent JSON database (`_resources/bitly_links.json`).
  - Ingestion points: Untrusted data enters the skill via the `$ARGUMENTS` variable, which the agent is instructed to parse intelligently from any format.
  - Boundary markers: There are no explicit boundary markers or instructions to treat the input as data rather than instructions (e.g., no delimiters or 'ignore embedded instructions' warnings).
  - Capability inventory: The skill has access to `Read`, `Glob`, `Grep`, and `Edit` tools, allowing it to modify the project's file system.
  - Sanitization: No sanitization or escaping mechanisms are defined; the skill only performs format normalization (e.g., adding `https://bit.ly/`) but does not filter for malicious content in the description or URL fields.
Audit Metadata