wechat-article-writer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The 'Style Extraction Flow' analyzes untrusted user articles to generate writing rules and prompt templates, which is a surface for indirect prompt injection.
- Ingestion points: User-provided sample articles in SKILL.md.
- Boundary markers: Instructions do not specify delimiters to isolate user-provided text from agent instructions.
- Capability inventory: The skill produces 'Style Reproduction Prompts' that are meant for future execution by the agent.
- Sanitization: The skill does not implement validation or sanitization of the input articles.
Audit Metadata