doc-coauthoring
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious code or hidden instructions were found. The skill guides the user through a legitimate documentation workflow.
- [COMMAND_EXECUTION]: The skill makes use of
create_fileandstr_replaceto manage the lifecycle of the document being authored. These operations are transparent and restricted to the user's workspace. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests data from external links and messaging integrations. This risk is inherent to its primary function as a co-authoring tool and is mitigated by the structured workflow and testing stages.
- Ingestion points: Shared document URLs, Slack/Teams channel content, and user info dumps in SKILL.md.
- Boundary markers: No specific delimiters or safety instructions are defined for the ingested content.
- Capability inventory: The agent can use
create_file,str_replace, and sub-agents. - Sanitization: No explicit sanitization or filtering of external content is requested in the instructions.
Audit Metadata