create-output-format
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill follows a structured process for gathering information and creating project-specific configuration files. No malicious patterns such as credential harvesting, unauthorized command execution, or code obfuscation were detected.
- [PROMPT_INJECTION]: The skill processes external documentation retrieved via WebFetch to inform the scaffolding process. This represents a surface for indirect prompt injection where external content could attempt to influence the agent's output. 1. Ingestion points: Documentation URLs provided by the user and accessed via WebFetch in SKILL.md. 2. Boundary markers: Absent; there are no specific delimiters to separate external content from instructions. 3. Capability inventory: File creation and writing within the skills/workflow-planning-process/ directory. 4. Sanitization: No specific validation or sanitization of the fetched content is performed.
Audit Metadata