blog-analyze
Pass
Audited by Gen Agent Trust Hub on May 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external URLs and local files.
- Ingestion points: Local file paths provided via arguments and external URLs fetched using WebFetch.
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings for the analyzed content.
- Capability inventory: The skill performs content extraction, category scoring, AI detection (burstiness/TTR), and report generation in Markdown, JSON, and Table formats. It does not possess high-risk capabilities like file-writing or subprocess execution.
- Sanitization: No explicit sanitization or validation of the ingested content is mentioned.
- [SAFE]: The skill's behavior matches its stated purpose. No evidence of hardcoded credentials, remote code execution, persistence mechanisms, or unauthorized data exfiltration was found.
Audit Metadata