ai-content-marketer

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from multiple sources (text, files, and URLs) and provides it to an AI model for diagnosis without implementing explicit boundary markers or instructions to disregard embedded commands.
  • Ingestion points: External content enters the agent context via the materialText, materialUrl, and materialFile fields defined in references/form-schema.json.
  • Boundary markers: The skill does not use delimiters or include warnings to the model to ignore instructions contained within the analyzed content.
  • Capability inventory: The scripts/run.py script performs network POST requests to the ai-skills.ai API to process this data.
  • Sanitization: There is no evidence of input validation or sanitization of external materials before they are processed by the runner script.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-content-marketer