ultimate-ai-content-pipeline

Warn

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: MEDIUM | EXTERNAL_DOWNLOADS | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone a repository from an untrusted GitHub account (https://github.com/pennydinh/marketing-pineline-share.git) that does not match the stated author or known trusted organizations.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It fetches content from external, uncontrolled sources such as TechCrunch, Twitter, and LinkedIn, and directly interpolates this data into LLM prompts without using sanitization or boundary markers.
      • Ingestion points: lib/research/research-service fetches data from external URLs.
      • Boundary markers: Absent in the prompt construction in generateContentWithClaude.
      • Capability inventory: Subprocess execution via npm run dev and video rendering via Remotion.
      • Sanitization: No escaping or validation is performed on the scraped content before prompt interpolation.
  • [COMMAND_EXECUTION]: The installation and usage instructions require executing code from the untrusted repository using npm install and npm run dev, which could execute arbitrary scripts defined in the package manifest.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Jun 24, 2026, 04:19 PM