content-publish

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes the Convex CLI via npx to perform database operations, including document retrieval and upserts for the content repository.
  • [COMMAND_EXECUTION]: Utilizes a Node.js one-liner to preprocess local MDX files, ensuring that content is correctly escaped into a JSON payload before being passed to the database.
  • [COMMAND_EXECUTION]: Invokes the local utility "joelclaw secrets lease" to obtain short-lived authentication tokens for API requests, avoiding hardcoded credentials.
  • [EXTERNAL_DOWNLOADS]: Accesses the npm registry through npx to execute the Convex CLI tools.
  • [DATA_EXFILTRATION]: Sends content updates and authentication tokens to the author's production API at joelclaw.com using curl for cache revalidation.
  • [PROMPT_INJECTION]: Exhibits a surface for indirect prompt injection by ingesting raw MDX content from local files for publication without content-level sanitization.
  • Ingestion points: Local filesystem (referenced in SKILL.md via fs.readFileSync calls)
  • Boundary markers: Absent
  • Capability inventory: Database writes (Convex), network operations (curl)
  • Sanitization: Absent (the process strips metadata/frontmatter but passes the core content body through without additional filtering or instruction-awareness)
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 12:38 PM
Security Audit — agent-trust-hub — content-publish