content-repurposing
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references external resources including the installation of the
belt-sh/clivia npx and provides links to setup instructions hosted on GitHub (inference-sh/skills). These are presented as legitimate dependencies for the skill's functionality. - [COMMAND_EXECUTION]: The skill uses the
beltCLI within a Bash environment to run AI models and automate tasks like image generation and social media posting. All commands are transparent and align with the described purpose of the skill. - [PROMPT_INJECTION]: As the skill is designed to process external content (blogs, podcasts, transcripts) to generate derivative works, it has an inherent surface for indirect prompt injection.
- Ingestion points: Content is ingested through command-line inputs or files provided to
belt app runcommands (e.g., transcripts for STT or blog text for thread generation). - Boundary markers: No specific delimiters or "ignore instructions" markers are used in the provided templates to isolate processed data from system instructions.
- Capability inventory: The skill utilizes tools for file creation, network-based AI inference, and social media automation (
x/post-create). - Sanitization: No explicit sanitization or input validation logic is present in the markdown instructions.
Audit Metadata