content-strategy
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local Python scripts (content_brief_generator.py, content_calendar_planner.py, headline_analyzer.py) to process data and generate content planning outputs.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from external files which is then processed and returned to the agent context.\n
- Ingestion points: scripts/content_calendar_planner.py (load_topics) and scripts/headline_analyzer.py (main) read content from user-specified file paths.\n
- Boundary markers: No explicit delimiters or 'ignore' instructions are used when presenting the processed file content to the agent.\n
- Capability inventory: The skill allows for local file reading and script execution; however, it lacks network access or high-privilege write operations.\n
- Sanitization: No sanitization or validation of the input file content is performed prior to processing and output generation.
Audit Metadata