reviewing-writing
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's primary function is text analysis and feedback. The instructions and reference material (nielsen-principles.md) do not contain any obfuscated code, hidden instructions, or malicious payloads.
- [COMMAND_EXECUTION]: The skill instructs the agent to read files from a path provided by the user. This is a standard capability required for analyzing pre-existing writing samples and does not involve arbitrary command execution or shell access beyond simple file reading.
- [PROMPT_INJECTION]: The skill is subject to potential indirect prompt injection because it ingests untrusted text from user conversation or external files for analysis.
- Ingestion points: User-provided text in the conversation or content read from a file path (SKILL.md).
- Boundary markers: Absent; there are no specific markers or instructions to treat the analyzed text as data rather than instructions.
- Capability inventory: The skill is limited to reading files and outputting text. It lacks network access, shell execution, or file writing capabilities, which significantly limits the impact of any injection.
- Sanitization: No sanitization or escaping of the input text is performed before processing.
Audit Metadata