writing-skills
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The primary purpose of the skill is to provide a framework for high-quality documentation and testing. It does not attempt to bypass security filters, exfiltrate data, or execute unauthorized code.
- [COMMAND_EXECUTION]: The provided
render-graphs.jsscript is a utility that uses the localdot(Graphviz) command to generate SVG diagrams from markdown code blocks. This is a standard visualization workflow and does not introduce command injection risks as it pipes content directly to the executable via standard input. - [EXTERNAL_DOWNLOADS]: The documentation contains image references hosted on
mintcdn.com, a well-known service used for technical documentation hosting. These are standard assets for the provided best-practices guide. - [PROMPT_INJECTION]: While the skill uses strong imperative language (e.g., "YOU MUST", "No exceptions") to enforce development standards like TDD, these are pedagogical techniques designed to improve agent reliability and do not constitute malicious instruction overrides or safety bypasses.
Audit Metadata