marketing-public-relations

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes shell command examples in references/newsjacking.md for fetching and parsing news feeds from established platforms like Google News, Reddit, and Hacker News using curl and jq.
  • [EXTERNAL_DOWNLOADS]: The documentation suggests installing the jq package using Homebrew (brew install jq) to assist the agent in processing JSON output from news APIs.
  • [PROMPT_INJECTION]: The skill workflow involves the ingestion of untrusted data from external articles, social media profiles, and news outlets during journalist research and newsjacking monitoring.
  • Ingestion points: references/newsjacking.md (Google News, HN, Reddit) and references/journalist-pitching.md (Outlet pages, X, LinkedIn).
  • Boundary markers: No specific delimiters or warnings for the agent are defined when processing external data.
  • Capability inventory: The skill utilizes network access via curl and browser-driven research tools.
  • Sanitization: No sanitization or filtering of external content is specified before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 06:26 PM
Security Audit — agent-trust-hub — marketing-public-relations