content-pipeline
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like
mkdir -pwithin its slash command implementation (/content-pipeline) to initialize the local working directory structure for the pipeline. - [DATA_EXFILTRATION]: The Analytics Agent is designed to communicate with external APIs (Google Search Console, GA4, DataForSEO) to fetch performance metrics. These operations are essential to the skill's stated purpose and follow established security practices by referencing credentials stored in environment variables (
.env). - [SAFE]: Indirect Prompt Injection Surface. The pipeline ingests untrusted data from web searches via the Research Agent. This data is subsequently processed by the Writer, Editor, and SEO agents. While the prompts do not utilize explicit boundary markers (like XML tags) to isolate this external content, the risk is mitigated by the multi-agent orchestration and the mandatory human approval gate (Gate 5) before any content is published.
- [SAFE]: The skill demonstrates high security maturity by including a
SECURITY.mdfile, explicitly documenting credential isolation (ensuring agents do not see.envfiles), and implementing mandatory human-in-the-loop checkpoints.
Audit Metadata