writing-assistance-apis
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a local script
scripts/find-writing-assistance-targets.mjsto inventory the workspace and identify frontend files suitable for API integration. The script performs read-only file system operations using the Node.js runtime. - [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@types/dom-chromium-ainpm package to provide TypeScript definitions for the experimental browser APIs. This is a standard development dependency. - [PROMPT_INJECTION]: The skill implements APIs designed to process untrusted data, such as web page content and user input, which presents an indirect prompt injection surface.
- Ingestion points: Data is ingested from the browser environment (e.g.,
article.innerText) as shown inreferences/examples.mdandSKILL.mdStep 4. - Boundary markers: No explicit delimiters are used in the examples, though the skill provides guidance on data handling.
- Capability inventory: The skill utilizes the browser's built-in
Summarizer,Writer, andRewriterAPIs. These operate within the browser sandbox and do not have access to the underlying operating system or file system. - Sanitization: Step 4.3 of the procedures in
SKILL.mdexplicitly instructs to "Strip or normalize HTML before summarization or rewriting" to mitigate issues with rendered content.
Audit Metadata