content-strategy

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill interacts with the vendor's API endpoint at https://ai-skills.ai via the scripts/run.py script. This network communication is essential for the skill's primary function and targets the developer's own service.
  • [COMMAND_EXECUTION]: The skill provides a Python runner script (scripts/run.py) intended for local execution to facilitate interaction with the backend service. This is a standard integration method for this vendor's tools.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external content from URLs, uploaded documents, and raw text inputs.
  • Ingestion points: materialUrl, materialFile, and materialText parameters defined in references/form-schema.json and references/skill.json.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the provided metadata.
  • Capability inventory: The skill processes this data using an LLM to generate content diagnostics and action plans.
  • Sanitization: No explicit sanitization of external content is mentioned in the skill configuration.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — content-strategy