ljg-writes
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the system
datecommand to generate formatted timestamps and identifiers for file metadata. - Evidence: Found in sections 'Denote 文件规范' and 'Org 文件头', specifying commands like
date +%Y%m%dT%H%M%Sanddate "+%Y-%m-%d %a %H:%M". - [DATA_EXFILTRATION]: The skill defines a specific local path for saving output files, which involves file system write operations.
- Evidence: Section 'Denote 文件规范' identifies
~/Documents/notes/as the designated output directory for generated .org files. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes user-provided viewpoints to generate articles.
- Ingestion points: User input provided in the 'Process' section under '把观点放到台面上'.
- Boundary markers: Absent; there are no explicit delimiters or instructions to ignore embedded commands within the user viewpoint.
- Capability inventory: The skill has the ability to execute shell commands (
date) and write to the local file system (~/Documents/notes/). - Sanitization: Absent; the skill does not specify any filtering or validation for the input viewpoint. However, the strict enforcement of Org-mode syntax and ASCII-only diagrams significantly limits the potential for malicious instruction execution.
Audit Metadata