writing-tech-post

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions involve executing local Python scripts provided within the skill package, such as scripts/lint-post.py and scripts/validate-metadata.py. These scripts are used to automate the pre-publishing gate by scanning for 'slop' signatures and validating frontmatter. The scripts use standard Python libraries and operate in a read-only manner on the provided draft files.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is designed to process user-supplied technical drafts. Malicious instructions hidden within these drafts could potentially attempt to override the agent's authoring guidelines or structural constraints.
  • Ingestion points: Draft files provided to the agent or the linting script (SKILL.md, Phase 6).
  • Boundary markers: While the skill uses structured frontmatter, it lacks specific instructions to the agent to disregard potential instructions embedded within the ingested draft prose.
  • Capability inventory: The agent can read local files, write markdown output, and execute bundled local Python scripts.
  • Sanitization: The provided scripts perform regex-based scanning but do not sanitize the content before the agent processes the draft for narrative and voice tuning.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 07:57 PM
Security Audit — agent-trust-hub — writing-tech-post