Skills
skills/4444j99/a-i--skills/doc-coauthoring/Gen Agent Trust Hub

doc-coauthoring

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from multiple external sources and incorporates it into the document drafting process without sufficient safeguards.\n
  • Ingestion points: SKILL.md (Stage 1) specifies reading content from shared documents, fetching data from URLs, and ingesting information from communication platforms such as Slack and Microsoft Teams.\n
  • Boundary markers: Absent. The instructions do not require the agent to use delimiters or explicit "ignore embedded instructions" warnings when handling retrieved external content.\n
  • Capability inventory: The skill uses create_file and str_replace to perform file operations and can invoke sub-agents or search connected tools as described throughout SKILL.md.\n
  • Sanitization: No validation, escaping, or filtering is applied to the data gathered from external integrations before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 03:25 AM