newsletter-curation

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute 'belt login' and 'belt app run' commands using the Bash tool to perform authentication, search queries, and content generation. It also uses 'npx' to install additional skill dependencies.
  • [EXTERNAL_DOWNLOADS]: References a remote installation guide on GitHub (github.com/inference-sh) and uses 'npx' to fetch external skill modules from the vendor's repository.
  • [PROMPT_INJECTION]: The curation workflow involves processing outputs from external search tools (Tavily and Exa). This presents an indirect prompt injection surface where untrusted content from searched web pages could influence the agent's newsletter generation or social media posts. Evidence: Ingestion point (SKILL.md search tool results), Boundary markers (Absent), Capability inventory (belt app run x/post-create), Sanitization (Absent).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 04:41 AM