tech-blogger-writer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWNO_CODEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process untrusted external data to generate blog posts, creating a potential injection surface.
- Ingestion points: The skill reads input from
research-findings.json,content-outline.md, andresearch-notes.md(specified in theInput Requirementssection). - Boundary markers: Absent. There are no instructions to the agent to treat content within these files as data only or to ignore embedded instructions.
- Capability inventory: None. The skill only performs text generation and does not have access to subprocesses, filesystem writes (beyond returning output), or network calls.
- Sanitization: Absent. The skill instructions do not specify any validation or filtering for the external content it processes.
- Data Exposure (INFO): The skill metadata includes a hardcoded path template (
/d/project/tuan/blog-workspace/...). While this reveals a directory structure, it is provided as a configuration example for the agent's workspace and does not constitute a leak of sensitive credentials or private data.
Audit Metadata