influencer-prospecting
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access detected.
- [SAFE]: Secure credential management via environment variables for the vendor API key.
- [PROMPT_INJECTION]: The skill processes untrusted content from social media platforms, creating a surface for indirect prompt injection.
- Ingestion points: Social media profile and search data (TikTok, Instagram, YouTube) fetched via WebFetch in SKILL.md instructions.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are provided.
- Capability inventory: Access to Bash, Write, and WebFetch tools.
- Sanitization: No explicit data validation or sanitization of external content is mentioned.
Audit Metadata