content-repurposing
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It is designed to ingest and process large amounts of external content (blogs, podcast transcripts, etc.) and then perform actions like posting to social media or generating media based on that content.
- Ingestion points: Processes external long-form content provided by the user in SKILL.md.
- Boundary markers: None found; the instructions do not include markers to distinguish between system instructions and user-provided data.
- Capability inventory: Utilizes the infsh CLI to interact with third-party APIs for social media posting (x/post-create), image generation (falai/flux-dev-lora), and audio generation (falai/dia-tts).
- Sanitization: None observed; the content is interpolated directly into command arguments.
- [EXTERNAL_DOWNLOADS]: The skill incorporates external scripts and related packages.
- Fetches installation instructions from raw.githubusercontent.com/inference-sh/skills/.
- Instructs the user to install additional skills using npx skills add from the inference-sh/skills repository.
- [COMMAND_EXECUTION]: Executes shell commands using the infsh CLI via the Bash tool to perform automation tasks and content generation.
Audit Metadata