xhs-publisher
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill handles untrusted user data which could influence agent behavior through indirect prompt injection.
- Ingestion points: User-provided inputs for title, content, and tags are used throughout SKILL.md to populate web forms.
- Boundary markers: The instructions lack delimiters or clear instructions for the agent to ignore potential directives embedded within the user content.
- Capability inventory: The skill uses browser automation actions such as click, type, and form_input in SKILL.md to interact with the web interface.
- Sanitization: No validation or sanitization of the user input is specified before it is injected into the target platform's DOM elements.
Audit Metadata