blog-write

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The instructions include a step to verify image availability using curl -sI, which involves executing a shell command with external URLs.
  • [EXTERNAL_DOWNLOADS]: The skill fetches assets and data from well-known services such as Pixabay, Unsplash, Pexels, and YouTube.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection through its data ingestion processes.
    • Ingestion points: Web search results, external statistics, and user-provided NotebookLM documents.
    • Boundary markers: No explicit delimiters are used to separate researched content from agent instructions.
    • Capability inventory: The agent can execute curl commands and write file content.
    • Sanitization: No data sanitization or validation is specified for the external content before its use in the final article.
  • [SAFE]: The skill exhibits no signs of obfuscation, persistence mechanisms, or credential theft. The tools used are consistent with the skill's stated purpose of content research and generation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 05:48 AM