content-repurposing
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses the vendor-specific 'belt' CLI tool to execute AI applications, including social media automation, media generation, and text-to-speech synthesis.- [EXTERNAL_DOWNLOADS]: References installation of the 'belt' CLI and auxiliary skills from vendor-controlled repositories on GitHub and the npx registry.- [PROMPT_INJECTION]: Exhibits a surface for indirect prompt injection (Category 8).
- Ingestion points: Processes user-supplied long-form content (blogs, podcasts, videos) through the instructions in SKILL.md.
- Boundary markers: Lacks explicit delimiters or instructions to ignore commands embedded in the source content to be adapted.
- Capability inventory: Possesses tools to perform sensitive actions like posting directly to social media platforms (e.g., x/post-create) and generating media assets.
- Sanitization: No evidence of sanitization or content validation before processing data through execution tools.
Audit Metadata