skills/moonrepo/moon/doc-coauthoring/Gen Agent Trust Hub

doc-coauthoring

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes file system operations including create_file to initialize documentation scaffolds and str_replace to apply iterative refinements to specific sections of the document.
  • [EXTERNAL_DOWNLOADS]: The workflow facilitates fetching information from well-known services such as Slack, Google Drive, and SharePoint via platform integrations or MCP servers to build context for the drafting process.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests and processes data from external documents and messaging platforms.
    • Ingestion points: External context is gathered from chat threads, linked documents, and user-provided files as described throughout the Stage 1 workflow in SKILL.md.
    • Boundary markers: The instructions lack explicit delimiting markers or warnings for the agent to ignore instructions embedded within the ingested external content.
    • Capability inventory: The agent has the capability to write and modify the local file system using create_file and str_replace based on the processed context.
    • Sanitization: There are no documented mechanisms for sanitizing or validating external content before it is processed by the agent to influence document drafting.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 18, 2026, 01:06 PM