skills/phuryn/skills/doc-coauthoring/Gen Agent Trust Hub

doc-coauthoring

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of ingesting and processing data from external sources.
  • Ingestion points: Content is retrieved from user-linked documents, uploaded files, and messaging/storage connectors such as Slack, Teams, Google Drive, and SharePoint (referenced in SKILL.md).
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for data fetched from these external sources.
  • Capability inventory: The skill uses file system tools like create_file and str_replace to generate documentation and invokes sub-agents for testing purposes.
  • Sanitization: No sanitization or validation of external content is implemented before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 11:48 AM
Security Audit — agent-trust-hub — doc-coauthoring