baoyu-cover-image
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructions in 'references/base-prompt.md' that attempt to override standard safety filter refusals regarding copyrighted content, instructing the model to provide stylistic alternatives instead.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests untrusted article data into generation prompts.
  - Ingestion points: User-provided article files and reference image descriptions.
  - Boundary markers: Uses headers such as '# Content Context' in 'references/workflow/prompt-template.md'.
  - Capability inventory: Writing prompts and images to the file system and calling external generation skills.
  - Sanitization: No sanitization of ingested content was observed.
- [COMMAND_EXECUTION]: The skill uses shell commands in 'SKILL.md' to verify the presence of configuration files in both the project directory and the user's home directory.
Audit Metadata