update-doc
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and modifies external documentation files without explicit safety boundaries.
- Ingestion points: The skill reads existing content from files in .chalk/docs/ (SKILL.md).
- Boundary markers: No delimiters or safety instructions are used to prevent the agent from following instructions embedded within the docs.
- Capability inventory: The skill uses the 'Edit' tool to write content to the file system (SKILL.md).
- Sanitization: There is no evidence of sanitization or filtering of the document content before it is processed by the agent.
Audit Metadata