social-quality-auditor

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill implements a fallback routine to download reference files and auditor runbooks directly from the author's GitHub repository (github.com/aaron-he-zhu/aaron-marketing-skills) if they are missing from the local environment.
  • [DATA_EXFILTRATION]: The skill utilizes several internal Python scripts (e.g., bluesky.py, fediverse.py, gdelt.py, tavily.py) to perform network-based telemetry and public data gathering.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to process and analyze untrusted external data such as social media drafts and analytics exports.
  • Ingestion points: Draft social media batches, GA4/GSC analytics exports, platform native exports, and user-provided screenshots.
  • Boundary markers: The instructions provide clear warnings to the agent to treat input data (including text in exports or screenshots) as evidence to verify rather than as commands.
  • Capability inventory: The skill is capable of executing Python scripts for data retrieval and writing audit reports to the local memory/ directory.
  • Sanitization: Security is primarily managed through natural language instructions and a referenced security boundary protocol in the external auditor-runbook.md file.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 03:38 PM
Security Audit — agent-trust-hub — social-quality-auditor