skill-writer
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its core synthesis and authoring workflow.\n
- Ingestion points: The skill ingests 'external/local sources' and 'representative synthesis examples' as specified in Step 2 of SKILL.md.\n
- Boundary markers: Although Step 2 mentions applying 'trust and safety rules when ingesting external content', the skill lacks explicit delimiters or specific instructions to ignore embedded commands within the processed data.\n
- Capability inventory: The skill has the capability to 'Author or update SKILL.md and supporting files' including 'scripts' as described in Step 4 of SKILL.md.\n
- Sanitization: Step 3 mentions instructions to 'anonymize examples with provenance', but no technical sanitization or validation logic is provided to prevent malicious content in synthesis sources from influencing the generated output.
Audit Metadata