build-brief
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data sources.
- Ingestion points: Untrusted content enters the system via the $ARGUMENTS variable and transcripts fetched from external creatives via the get_creative_transcript tool.
- Boundary markers: The instructions lack explicit boundary markers or delimiters to separate processed data from the agent's core instructions during the brief generation phase.
- Capability inventory: The skill is primarily focused on text generation and does not have capabilities for arbitrary code execution or unauthorized network activity.
- Sanitization: No sanitization or validation logic is implemented for the incoming text data before it is interpolated into the creative brief template.
Audit Metadata