rewrite
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the creation of new writing styles by fetching and analyzing content from user-provided URLs. This creates a surface for indirect prompt injection where untrusted external content could attempt to subvert agent behavior.
- Ingestion points: External URLs provided by users during the style confirmation step (SKILL.md).
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched content.
- Capability inventory: The agent uses network access to retrieve article content and file system access to write new instructions, composition guides, and examples to the
references/directory. - Sanitization: No explicit sanitization or validation of the retrieved content is required by the instructions before it is used to define new style parameters.
Audit Metadata