blog-series-drafting
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a Python script (
scripts/init_series.py) for initializing blog series scaffolds. It takes a--rootparameter to determine the target directory on the user's filesystem and performs directory and file creation.- [PROMPT_INJECTION]: The mandatory workflow instructs the agent to read user-provided links and follow internal links to gather drafting information. This recursive ingestion of untrusted external content creates a surface for indirect prompt injection where malicious instructions on web pages could influence the agent's behavior. - Ingestion points:
SKILL.mdmandatory workflow steps 2 and 3. - Boundary markers: None specified for the ingested content.
- Capability inventory: Local filesystem writing via the provided script.
- Sanitization: No sanitization or validation of external content is mentioned.
Audit Metadata