draft-polisher

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions and scripts are focused on legitimate document processing tasks.
  • [PROMPT_INJECTION]: Instructions in SKILL.md define strict operational guardrails (e.g., citation immutability) rather than attempting to bypass safety filters. No malicious override patterns were found.
  • [DATA_EXFILTRATION]: The skill lacks network capabilities and does not access sensitive system files or credentials. All operations are confined to the local workspace.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to process user-provided drafts in output/DRAFT.md.
      • Ingestion points: The draft file is read to create citation baselines and for LLM-based polishing.
      • Boundary markers: No specific delimiters are used to wrap the input text during processing.
      • Capability inventory: The script performs file I/O operations and triggers internal quality gate checks.
      • Sanitization: No content sanitization is applied to the input draft prior to processing.
  • [DYNAMIC_EXECUTION]: The Python script in scripts/run.py modifies sys.path to import local repository tools (tooling.common, tooling.quality_gate). This is a standard practice for monorepo internal utilities and does not involve untrusted remote code.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 01:59 PM