Skills
skills/wpsnote/wpsnote-skills/wpsnote-beautifier/Gen Agent Trust Hub

wpsnote-beautifier

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection through its document processing workflow.
  • Ingestion points: Note content and structural data are retrieved via the user-wpsnote MCP server tools read_note, read_section, and get_note_outline as described in Phase 1 of SKILL.md.
  • Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when handling ingested note text.
  • Capability inventory: The skill has document modification capabilities using the batch_edit and edit_block tools of the user-wpsnote MCP server.
  • Sanitization: Absent. There is no documented logic for validating, escaping, or filtering the ingested content before it is incorporated into the XML structures for writing back to the document.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 11:14 AM
Security Audit — agent-trust-hub — wpsnote-beautifier