content-audit
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user-provided content (drafts and brand guidelines) without implementing explicit boundary markers or sanitization. An attacker could embed instructions within a draft to manipulate the audit scoring or influence the agent's behavior during the audit process.
- Ingestion points: User-provided draft text and brand reference files (brand/VOICE.md, brand/VISUAL.md) mentioned in SKILL.md.
- Boundary markers: Absent; the skill does not specify delimiters or system instructions to ignore embedded commands within the analyzed content.
- Capability inventory: The skill's primary capabilities are text analysis, scoring, and providing feedback. It does not perform file writes, network operations, or subprocess executions.
- Sanitization: None detected.
- [NO_CODE]: The skill consists entirely of markdown instruction files and rubrics. It does not include any executable scripts, binaries, or dependencies, which significantly limits the technical attack surface.
Audit Metadata