articulate
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external content (user-provided URLs) and repository data (PR descriptions, git history) to infer writing styles and extract information. This represents an indirect prompt injection surface. * Ingestion points:
reference/init/init.md(external links),reference/fragments/fragments.md(repository metadata). * Capability inventory: Includes file writing (reference/shape/shape.md) and shell execution of git commands. * Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded instructions in the ingested data. * Sanitization: No explicit sanitization or validation of the external content is implemented. - [COMMAND_EXECUTION]: The skill uses
git logto retrieve historical context about projects, which is a standard and expected operation for a tool designed to write about software development.
Audit Metadata