doc-coauthoring
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the use of Model Context Protocol (MCP) servers and platform-native connectors to access data from well-known and trusted services such as Slack, Google Drive, and SharePoint.
- [PROMPT_INJECTION]: The skill processes content from external documents and user-provided context (info dumps), presenting a surface for indirect prompt injection common to documentation tasks. This is handled as an inherent risk of the document-writing use case.
- Ingestion points: Shared documents and team channels mentioned in
initial-questions.mdandinfo-dumping.md. - Boundary markers: None identified in the instructional flow.
- Capability inventory: File modification via
create_fileandstr_replaceinstep-5-drafting.md. - Sanitization: Content is processed directly through the agent conversation without explicit sanitization steps.
Audit Metadata