brand-kit-assistant

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE PROMPT_INJECTION
Full Analysis
  • [SAFE]: No security issues detected. The skill implements industry-standard best practices for handling sensitive credentials and managing destructive operations.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through its intended functionality of processing external website content and file uploads.
      • Ingestion points: SKILL.md (Website URL, file upload context).
      • Boundary markers: Absent; instructions do not define specific delimiters for untrusted input.
      • Capability inventory: SKILL.md and reference files describe capabilities for content generation and API-based data management (ingest, update, delete).
      • Sanitization: Instructions mandate that the agent validate all generated content against brand guidelines and obtain explicit user confirmation before performing any destructive updates or deletions.
  • [CREDENTIALS_UNSAFE]: Although the skill handles authentication tokens, it contains robust instructions to prevent credential exposure, such as never echoing tokens back to users and recommending environment variables for secret management.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 03:27 PM