repurpose

Pass

Audited by Gen Agent Trust Hub on Jul 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted external content such as transcripts and blog posts.
  • Ingestion points: Step 1 of the workflow in SKILL.md requires the agent to ingest the full source content.
  • Boundary markers: The instructions do not define explicit delimiters or 'ignore' commands for the ingested source text.
  • Capability inventory: The skill is limited to text generation and lacks capabilities for network operations, file-system writes, or subprocess execution.
  • Sanitization: No evidence of input sanitization or filtering was found in the instructions.
  • [SAFE]: The skill reads a local configuration file ('social-context.md') to determine brand voice. This is a standard and expected behavior for the skill's purpose and does not target sensitive system paths or credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 18, 2026, 07:08 AM
Security Audit — agent-trust-hub — repurpose