define-docs-norms
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from documentation proposals and incorporates it into canonical project rules, creating an indirect prompt injection surface.
  - Ingestion points: External proposal files, such as `docs/calibration/docs-norms-proposal.md`, are processed as input as described in SKILL.md.
  - Boundary markers: Absent; there are no explicit instructions for the agent to use delimiters or ignore embedded instructions when reading input content.
  - Capability inventory: The skill performs file-write operations to `docs/ARTIFACT_NORMS.md` as defined in its core objectives and behavior in SKILL.md.
  - Sanitization: Absent; the instructions do not specify any validation or sanitization of the input content before it is written to the destination file.
- [NO_CODE]: The skill consists entirely of instructional markdown and YAML configuration metadata without any executable scripts or binary files, which inherently reduces the potential for common attack vectors like remote code execution or privilege escalation.
Audit Metadata