promote-post

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill retrieves article content from user-provided URLs using WebFetch and the well-known r.jina.ai content retrieval service.
  • [PROMPT_INJECTION]: The skill ingests untrusted content from external URLs, creating a surface for indirect prompt injection (Ingestion: Article URL content in Step 1; Boundary markers: Absent; Capability inventory: Only benign text generation/presentation; Sanitization: Absent). This is a low-risk surface because the agent's capabilities are restricted to text generation.
  • [SAFE]: No malicious patterns, bypass attempts, or obfuscated content were detected in the instructions.
  • [SAFE]: The skill explicitly prohibits auto-publishing of content, ensuring that the user maintains oversight and control over the final social media output.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 09:11 PM
Security Audit — agent-trust-hub — promote-post