write-longform

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a local utility script 'scripts/bootstrap-experience.ts' used for initializing the project's experience tracking directory. This script contains safety logic to handle file system operations securely.
  • [EXTERNAL_DOWNLOADS]: The research agent utilizes platform-provided web search tools to gather information, which is a core part of its documented functionality.
  • [PROMPT_INJECTION]: The skill is designed to handle untrusted data from the web by implementing a sequential pipeline where a separate 'critic' agent evaluates the draft against a strict rubric, specifically checking for originality and evidence quality.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — write-longform