copywriting-tone-of-voice-creator
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by interpolating untrusted data into instructions for sub-agents and generated documentation.\n
- Ingestion points: Untrusted data enters the context through
WebFetchduring Phase 2 (market research) and by reading the localSOUL.mdfile in Phase 1. User-supplied variables like<category>are also directly interpolated into sub-agent briefs.\n - Boundary markers: The skill does not employ explicit delimiters or "ignore embedded instructions" warnings when processing these untrusted inputs.\n
- Capability inventory: The skill possesses significant capabilities, including
Write,Edit, and theAgenttool for spawning sub-tasks with their own instructions.\n - Sanitization: No sanitization, escaping, or validation is performed on external content or user-supplied strings before they are interpolated into prompts for the research sub-agent or written to the
TONE.mdfile.\n- [EXTERNAL_DOWNLOADS]: The skill utilizesWebSearchandWebFetchto access various non-whitelisted external domains during Phase 2 research. While intended for brand analysis, this facilitates connections to arbitrary remote sources.\n- [COMMAND_EXECUTION]: The skill performs routine file system management usingRead,Write,Glob, andEdittools to create and modify brand documentation files such asTONE.mdandSOUL.md.
Audit Metadata