writing-fragments
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by design.
- Ingestion points: The agent is instructed to re-read the document (at a path specified by the user) before each write operation to preserve user edits.
- Boundary markers: The instructions lack specific delimiters or warnings to ignore embedded instructions within the content read from the file.
- Capability inventory: The skill has the capability to read from and write to the local file system.
- Sanitization: There is no mention of sanitizing or validating the file content before it is re-integrated into the agent's context.
Audit Metadata