article-rewriter
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from external URLs and local files, creating a surface for indirect prompt injection. Ingestion points: The URL and file path inputs defined in SKILL.md are the primary entry points for external data. Boundary markers: Although the skill aims to extract body text, it does not specify the use of delimiters or instructions to ignore commands within the ingested content. Capability inventory: The skill can write files to the rewrites/ directory and perform network requests for crawling and research. Sanitization: No explicit sanitization or validation of external content is documented.
- [DATA_EXFILTRATION]: The skill is configured to read local files and perform network requests to fetch article content. These are core features for its article rewriting and research functions. No patterns indicating unauthorized access to sensitive system credentials or exfiltration of private data to malicious domains were detected.
Audit Metadata