social-post-writer
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or obfuscation techniques were detected in the skill instructions.
- [DATA_EXPOSURE]: The skill implements a 'No Fly List' safety check that fetches restricted customer names to ensure they are never mentioned in social media output. This is a positive security and compliance feature designed to protect sensitive client information.
- [COMMAND_EXECUTION]: The skill uses specific MCP tools (e.g.,
get_marketing_context,search_content) for data retrieval within the vendor's ecosystem. No arbitrary shell command execution or unauthorized file system access patterns were identified. - [INDIRECT_PROMPT_INJECTION]: While the skill ingests external data (such as blog posts or URLs for repurposing), the potential risk of indirect prompt injection is mitigated by the agent's limited capabilities (text generation only) and explicit instructions to adhere to strict brand voice and terminology guides.
Audit Metadata