ai-podcast-creation
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection in the 'NotebookLM-Style Content' workflow.
  - Ingestion points: Untrusted data enters the agent context via the '' placeholder in SKILL.md during script generation.
  - Boundary markers: Absent. The external content is interpolated directly into the prompt without clear delimiters or 'ignore' instructions.
  - Capability inventory: The skill possesses the Bash(infsh *) capability (defined in SKILL.md frontmatter), which allows execution of various AI applications on the inference platform.
  - Sanitization: No sanitization or validation of the input document is performed prior to processing.
Audit Metadata