article-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or attack vectors were detected in the skill file.
- [NO_CODE] (SAFE): The skill is entirely declarative, containing only Markdown instructions and metadata. It does not include any scripts (Python, Node.js) or binary executables.
- [PROMPT_INJECTION] (SAFE): The instructions are focused on guiding the agent's writing style and structure. There are no attempts to override system prompts, bypass safety filters, or extract underlying instructions.
- [DATA_EXPOSURE] (SAFE): No hardcoded credentials, API keys, or sensitive file paths were found.
- [INDIRECT_PROMPT_INJECTION] (LOW): This skill is designed to process untrusted external data (user-provided articles).
- Ingestion points: User-provided articles, blogs, and long-form text (SKILL.md).
- Boundary markers: None explicitly defined in the prompt instructions.
- Capability inventory: No capabilities for subprocess calls, file writes, or network operations.
- Sanitization: None.
- Conclusion: While the agent could be influenced by instructions hidden within the articles it reviews, the lack of any dangerous tools or system access limits the risk to text-based output only.
Audit Metadata