newsletter-campaign-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill documents a workflow that processes untrusted external data from RSS feeds to generate newsletter articles, creating a surface for indirect prompt injection.
  - Ingestion points: External content (titles, descriptions, and full article text) is ingested from RSS feeds and passed to the LLM via the `callAIWithPrompt` function.
  - Boundary markers: Content is interpolated into prompts using template placeholders like `{{title}}` and `{{content}}` within JSON-formatted message structures stored in the `app_settings` table.
  - Capability inventory: The workflow can perform database writes to the `articles` and `issues` tables and initiate email broadcasts via the MailerLite integration.
  - Sanitization: The provided documentation does not specify sanitization or filtering logic for the ingested RSS content prior to its use in AI prompts.
Audit Metadata