content-checker
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is primarily designed to ingest and process untrusted third-party content from URLs, PDFs, and external documents, which creates a surface for indirect prompt injection.
- Ingestion points: External URLs, PDF files, and Markdown articles provided by the user for fact-checking purposes (SKILL.md).
- Boundary markers: The instructions include a dedicated section for "Security Requirements" that explicitly directs the agent to treat third-party content as "evidence materials" rather than "instruction sources," effectively creating a logical boundary to ignore embedded commands.
- Capability inventory: The skill has the capability to read external content and write modifications to local Markdown files if explicitly authorized by the user (SKILL.md).
- Sanitization: The skill contains clear instructions to ignore operational commands found within reference materials, such as scripts, downloads, or login requests, which helps sanitize the processing of untrusted data.
Audit Metadata