skills/adobe/skills/bulk-metadata/Gen Agent Trust Hub

bulk-metadata

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill retrieves site indexes (query-index.json), sitemaps (sitemap.xml), and bulk metadata configurations (metadata.json) from AEM Edge Delivery Services domains (aem.live). These operations are restricted to URLs derived from user-provided repository information and are used solely for the intended audit functionality.\n- [PROMPT_INJECTION]: The skill processes page titles, descriptions, and Open Graph tags from external JSON and HTML sources, which represents an indirect prompt injection attack surface.\n
  • Ingestion points: Metadata strings are ingested from query-index.json, sitemap.xml, and metadata.json (SKILL.md).\n
  • Boundary markers: The 'External Content Safety' section in SKILL.md provides explicit instructions to treat all fetched content as untrusted input and to ignore any instructions embedded within that content.\n
  • Capability inventory: The skill is designed for reporting and data transformation; it lacks access to sensitive capabilities such as shell command execution, local file system modification, or external data exfiltration.\n
  • Sanitization: The agent is strictly instructed not to execute scripts or interpret dynamic content from the fetched sources.\n- [SAFE]: The skill implements strong security best practices, including explicit agent safety guidelines and adherence to least-privilege principles. The external resources used are official vendor domains associated with the skill's stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 11:50 PM
Security Audit — agent-trust-hub — bulk-metadata