polish

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted user text and file contents for processing.
  • Ingestion points: The skill reads prose directly from user chat or from file paths provided by the user in Step 1.
  • Boundary markers: There are no explicit delimiters or instructions to the agent to treat the input text strictly as data rather than instructions.
  • Capability inventory: The skill has access to powerful tools including Read, Write, Edit, and Skill (allowing it to invoke other agents/skills).
  • Sanitization: The input is passed to sub-skills without sanitization or escaping.
  • [SAFE]: The skill's primary function is to chain internal sub-skills (superpower-writing:humanizer and superpower-writing:writing-clearly-and-concisely) to perform linguistic analysis and editing. It uses standard file-system operations and follows modular design patterns without evidence of malicious intent or exfiltration.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 05:55 PM
Security Audit — agent-trust-hub — polish