podcast-script-generator

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
Finding: PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because of the way it handles external content.
  • Ingestion points: The workflow in SKILL.md instructs the agent to read local markdown files from a hardcoded directory (/Users/ugreen/Documents/obsidian/每日播客/) or from a user-provided path.
  • Boundary markers: There are no instructions to wrap the file content in delimiters or to ignore instructions found within the source files, so the agent may follow malicious prompts embedded in the notes.
  • Capability inventory: The skill uses a Read tool to access the local filesystem and performs content analysis and transformation based on the file's content.
  • Sanitization: The skill has no mechanism to sanitize or validate the content of the files before processing them.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 07:35 AM
Security Audit — agent-trust-hub — podcast-script-generator