content-refresher
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is designed to ingest and process content from external URLs provided by the user (SKILL.md). No specific boundary markers or sanitization logic are defined in the instructions to mitigate the risk of the agent executing instructions embedded within the target web content. The skill's capabilities include writing data to the local filesystem in the 'memory/' directory.
- [SAFE]: File system operations are confined to logging audit results and summaries within a designated 'memory' path (SKILL.md), which is a standard pattern for persistent agent memory and does not constitute unauthorized access.
- [SAFE]: All external URL references target the author's repository or well-known technology services, presenting no evidence of malicious downloads or supply chain threats.
Audit Metadata