skills/lionad-morotar/blog/rewrite/Gen Agent Trust Hub

rewrite

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates the creation of new writing styles by fetching and analyzing content from user-provided URLs. This creates a surface for indirect prompt injection where untrusted external content could attempt to subvert agent behavior.
  • Ingestion points: External URLs provided by users during the style confirmation step (SKILL.md).
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched content.
  • Capability inventory: The agent uses network access to retrieve article content and file system access to write new instructions, composition guides, and examples to the references/ directory.
  • Sanitization: No explicit sanitization or validation of the retrieved content is required by the instructions before it is used to define new style parameters.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 06:10 PM
Security Audit — agent-trust-hub — rewrite