blog-series-drafting

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a Python script (scripts/init_series.py) for initializing blog series scaffolds. It takes a --root parameter to determine the target directory on the user's filesystem and performs directory and file creation.- [PROMPT_INJECTION]: The mandatory workflow instructs the agent to read user-provided links and follow internal links to gather drafting information. This recursive ingestion of untrusted external content creates a surface for indirect prompt injection where malicious instructions on web pages could influence the agent's behavior.
  • Ingestion points: SKILL.md mandatory workflow steps 2 and 3.
  • Boundary markers: None specified for the ingested content.
  • Capability inventory: Local filesystem writing via the provided script.
  • Sanitization: No sanitization or validation of external content is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 08:34 PM
Security Audit — agent-trust-hub — blog-series-drafting