writing-audit
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a shell script
evals/run-static-checks.shwhich executes local commands and a Python script for testing purposes. These operations are intended for development environments and are not part of the runtime interaction with users. - [PROMPT_INJECTION]: The skill processes user-supplied text for auditing, creating a surface for indirect prompt injection. Ingestion point: The 'existing piece of writing' provided by the user (Step 5 of SKILL.md). Boundary markers: No explicit isolation or 'ignore embedded instructions' markers are defined. Capability inventory: The skill uses sub-agent dispatch and file-writing tools (SKILL.md). Sanitization: No content filtering is mentioned. This is a common property of text-auditing skills and is not indicative of malicious intent.
- [NO_CODE]: The skill references several external resources that are missing from the provided package, such as the playbooks in
references/playbooks/and the sub-agent logic inreferences/subagent-dispatch.md. While this limits the review of the full implementation, the available files show no security risks.
Audit Metadata