drafting

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a robust drafting workflow that prioritizes evidence-based writing and manuscript quality. Key security and reliability features include:
  • Claim-First Protocol: Enforces a hard rule that no prose can be written until its underlying claims are resolved to 'evidence_ready' or 'verified' status. This is backed by a local pre-tool-use hook (enforce-claims.sh) that blocks unauthorized writes.
  • Subagent Orchestration: Uses a dynamic workflow to dispatch independent drafting tasks to a section-drafter agent, followed by two stages of review (spec-reviewer and manuscript-reviewer).
  • Terminology Ledger: Centralizes the management of technical terms to prevent terminological drift across sections, enforced by the enforce-terms.sh hook.
  • Structured Standards: Employs industry-standard frameworks (CARS, BPMRC, OFCA, etc.) to ensure structural consistency and rhetorical effectiveness, reducing the risk of hallucinated or incoherent output.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it interpolates external content into the subagent's prompt template.
  • Ingestion points: Task descriptions from .writing/plan.md and section-specific instructions from references/section-standards/*.md are inlined into the section-drafter subagent prompt.
  • Boundary markers: The prompt template in references/section-drafter-prompt.md uses clearly defined Markdown headers (## Inputs, ## Section standard) to separate instructional context from injected data.
  • Capability inventory: The agent has access to file system read/write operations, git commands, and the zotero MCP toolset for citation management.
  • Sanitization: While no explicit string sanitization is performed on the plan or standards text, the skill's reliance on a multi-stage review pipeline and automated pre-tool-use hooks provides a significant defensive layer against malicious instructions in input files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 05:55 PM
Security Audit — agent-trust-hub — drafting