newsletter-curation

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides structured templates and best practices for creating high-quality newsletters.
  • [COMMAND_EXECUTION]: Leverages the 'belt' CLI tool for content discovery and image generation. The commands used are consistent with the skill's goal of streamlining the curation process.
  • [EXTERNAL_DOWNLOADS]: Suggests installation of the 'belt' CLI and related utility skills. These references point to the service provider's infrastructure and are standard for the toolset described.
  • [PROMPT_INJECTION]: Ingests untrusted data via search assistant tools like Tavily and Exa. This creates an indirect prompt injection surface where external content could potentially include instructions that influence agent behavior. Evidence chain: 1. Ingestion points: search tool results (SKILL.md); 2. Boundary markers: Absent; 3. Capability inventory: belt app execution and bash access (SKILL.md); 4. Sanitization: Absent. This is a standard risk for search-integration tools and does not indicate malicious intent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:46 PM