brand-content-strategy
Pass
Audited by Gen Agent Trust Hub on Jul 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it fetches and processes untrusted third-party data from external websites (via WebFetch in Step 1) and social media platforms (via reel-discovery in Step 3). This content is subsequently used in synthesis prompts to generate strategy deliverables.
- Ingestion points: WebFetch is used to profile brand websites (SKILL.md Step 1), and reel-discovery output (video titles, descriptions, and metadata) is ingested in Step 3.
- Boundary markers: The skill does not specify explicit delimiters or "ignore embedded instructions" warnings when interpolating this untrusted content into synthesis prompts.
- Capability inventory: The skill possesses capabilities to execute local Python scripts, use search tools (Perplexity), and perform network operations via external APIs.
- Sanitization: There is no evidence of explicit sanitization or filtering of external content before it is interpolated into the strategy synthesis prompts.
- [EXTERNAL_DOWNLOADS]: The skill interacts with external services, specifically the YouTube and Apify APIs, to gather research data. These are legitimate, well-known services used for the skill's primary research functionality. The documentation instructs the user to provide their own API keys via environment variables or configuration files, which is a standard and safe practice for secret management.
- [COMMAND_EXECUTION]: The skill orchestrates the execution of local Python scripts, such as
discover.pyandfilter_creators.py. These scripts are part of the skill's own package (or its immediate sub-skills) and are used for data filtering, aggregation, and ranking. Thefilter_creators.pyscript uses only the Python standard library and performs routine file I/O and text processing tasks.
Audit Metadata