newsletter-curation
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the
belt-sh/clitool and additional skills such asinference-sh/skills@email-designusing thenpxcommand. These represent external package dependencies from sources not specifically listed as trusted. - [COMMAND_EXECUTION]: The documentation provides examples of shell commands using the
beltCLI to run applications that perform web searches, generate assets, and post to social media. - [INDIRECT_PROMPT_INJECTION]: The skill facilitates the ingestion of data from external search providers (Tavily, Exa) into the agent's workflow. Ingestion points: Search results from Tavily and Exa referenced in SKILL.md. Boundary markers: No explicit delimiters or instructions are used to isolate untrusted search content in the provided templates. Capability inventory: Shell command execution through the
beltCLI is allowed. Sanitization: No sanitization or validation of the retrieved content is mentioned, which could allow malicious source material to influence the agent's subsequent actions.
Audit Metadata