skill-content-pipeline
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted data from external URLs and PDF files. It proactively mitigates indirect prompt injection risks by wrapping all fetched content in a mandatory 'SECURITY CONTEXT' frame. This frame includes explicit instructions for the agent to ignore any commands, system messages, or override instructions found within the untrusted content.
- [DATA_EXFILTRATION]: The skill utilizes a network tool to fetch content from user-provided URLs. It includes a validation stage that checks protocols (HTTPS only) and hostnames, specifically blocking access to localhost, private IP ranges, and cloud provider metadata endpoints to prevent server-side request forgery (SSRF).
- [EXTERNAL_DOWNLOADS]: The skill fetches external content via the WebFetch tool and references the FxTwitter API for platform-specific content transformation. These operations are conducted within the scope of the skill's primary content analysis purpose.
- [COMMAND_EXECUTION]: While the skill involves complex multi-stage processing, it does not utilize shell commands, subprocesses, or dynamic code execution. All logic is handled via structured prompts and defined tool invocations.