gr-social-distill

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious code, obfuscation, or unauthorized access to sensitive system resources was detected. The skill is composed of instructional Markdown files and templates.
  • [SAFE]: External references are limited to reputable social media platforms and the author's own domains (gingiris.com, gingiris.github.io). No suspicious external downloads or remote script execution patterns were identified.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it is designed to ingest and transform untrusted blog content from URLs or local files.
      • Ingestion points: Content is sourced from blog URLs or files in the _posts/ directory as described in SKILL.md.
      • Boundary markers: The templates do not define clear delimiters (e.g., XML tags or specific separators) to distinguish the input blog content from the transformation instructions, nor do they include instructions to ignore commands within the source text.
      • Capability inventory: The skill leverages the agent's core text generation capabilities; it does not utilize tools for shell command execution, file system writes, or unauthorized network activity.
      • Sanitization: No validation or sanitization steps are defined for the input data before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 04:10 AM