writing-shape

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of external data.
    • Ingestion points: As described in SKILL.md, the agent is instructed to read a user-provided markdown file (the "input pile") to begin the shaping session.
    • Boundary markers: The instructions lack delimiters or specific warnings to the agent to treat the input pile exclusively as data, creating a risk that the agent may interpret and execute instructions embedded within the raw material.
    • Capability inventory: The skill has the capability to read from and write to the local filesystem.
    • Sanitization: No mechanisms for sanitizing, escaping, or validating the content of the input file are present before the data is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 12:56 AM