content-digest
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill reveals environment information by specifying a hardcoded local file system path "/Users/ugreen/Documents/obsidian/每日播客/" for saving output. This exposes a specific username "ugreen" and the user's directory structure.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing untrusted external content. * Ingestion points: The skill uses the WebFetch tool to retrieve transcripts and article text from user-provided URLs (found in SKILL.md). * Boundary markers: The instructions do not define boundary markers or clear separators to isolate fetched content from agent instructions. * Capability inventory: The skill has the capability to write files to the local disk using the Write tool (found in SKILL.md). * Sanitization: There is no evidence of sanitization or filtering of the external content before it is processed by the agent.
Audit Metadata