channel-portfolio-planner
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface because it processes untrusted data from external sources like audience exports and analytics screenshots.
- Ingestion points: External audience research, persona data, and analytics exports (Instruction 1, Instruction 3).
- Boundary markers: Includes a specific instruction to treat all pasted data as untrusted and to ignore any embedded commands.
- Capability inventory: Authorized to write channel candidates and portfolio documentation to the local memory file system.
- Sanitization: Explicitly instructs the agent to ignore instructions embedded in user-provided data.
- [COMMAND_EXECUTION]: The skill references local utility scripts (scripts/connectors/pageviews.py and scripts/connectors/hn.py) to gather attention signals from public sources like Wikipedia and Hacker News. These are documented as keyless and read-only connectors used for data enrichment.
Audit Metadata