editorial-engineer
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes an 'Agent' tool to perform parallel research tasks. It spawns multiple sub-agents to gather external information regarding trends, expert opinions, and reader perspectives, which is consistent with the stated purpose of planning and researching blog posts.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from both external research (agent findings) and existing project files to inform its drafting process.
- Ingestion points: Reads existing markdown files in the repository to extract style tokens and receives research findings from external agents.
- Boundary markers: The workflow enforces mandatory human-in-the-loop checkpoints, such as the 'Editorial System' declaration and the 'v0 Outline' phase, where the user must approve the approach before full execution.
- Capability inventory: The skill can execute sub-agents and write markdown files to detected blog directories within the project structure.
- Sanitization: The skill does not implement automated sanitization for ingested content; it relies on the user (the 'Manager') to identify anomalies or malicious instructions during the review checkpoints.
Audit Metadata