prompt-writer

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
  • [SAFE]: The skill consists entirely of instructional markdown files and contains no executable scripts or binary files. The content is designed to improve the performance and safety of LLM prompts.
  • [EXTERNAL_DOWNLOADS]: The skill references and fetches raw markdown documentation from https://docs.claude.com. This is the official documentation site for Anthropic's Claude models, which is a well-known and trusted service. These references are documented neutrally and are used for grounding the skill's instructions in canonical sources.
  • [PROMPT_INJECTION]: The skill provides explicit instructions for mitigating indirect prompt injection. It recommends using named XML tags as delimiters to separate instructions from potentially malicious data, which is a standard safety pattern for preventing LLM hijacking.
  • [DYNAMIC_CONTEXT_INJECTION]: The skill demonstrates high security awareness regarding the ! shell injection syntax. It includes a specific 'Footgun' warning in the conventions guide, instructing users to escape the syntax (\!) when documenting it. This prevents the platform from accidentally executing documented shell commands when the skill is loaded.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 01:20 PM
Security Audit — agent-trust-hub — prompt-writer