Skills
skills/richardbray/skills/longs-writer/Gen Agent Trust Hub

longs-writer

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to create a new directory and save a .md file in the current working directory based on the topic. This is a legitimate function for a script-writing tool to organize output.
  • [DATA_EXFILTRATION]: The skill uses web search and web fetch tools to gather information about topics provided by the user. While this involves external network access, it is a core part of the skill's research-based workflow.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from the web (via web fetch) and user-supplied arguments ($ARGUMENTS). This data is then used to generate content that the agent writes to the local file system. However, the scope is limited to writing markdown scripts and follows a section-by-section iteration process with the user.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 04:24 PM
Security Audit — agent-trust-hub — longs-writer