gr-blog-post

Pass

Audited by Gen Agent Trust Hub on Jul 16, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to automate development workflows and content publishing.
  • It utilizes curl to interact with the GitHub Contents API for uploading blog posts to the author's repository (Gingiris-1031/growth-tools).
  • It executes local scripts such as citability-scorer.py and sync-i18n.py to process and validate blog content.
  • It uses common shell utilities like base64, source, and grep for environment configuration and data formatting.
  • [PROMPT_INJECTION]: The skill processes data from external sources and other agent skills, creating a surface for indirect prompt injection.
  • Ingestion points: The skill reads inputs from other agent skills (keyword data and competitor research) to guide article generation.
  • Boundary markers: The instructions do not specify explicit delimiters when processing the ingested keyword or competitor data.
  • Capability inventory: The skill possesses capabilities to read local configuration files, execute shell commands, and write to remote GitHub repositories.
  • Sanitization: No specific sanitization or validation logic is defined for the data ingested from competitor research or keyword tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 16, 2026, 05:43 AM
Security Audit — agent-trust-hub — gr-blog-post