limitations-scope-writer
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's functionality is strictly limited to the intended purpose of writing research paper content. It manages files within the expected workspace and does not initiate external network requests or execute suspicious commands.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes untrusted paper drafts and research notes while maintaining access to powerful tools.
- Ingestion points: The agent reads user-provided paper sections and local project metadata files such as
writing-contract.mdandpaper-evidence-board.mdas outlined in the Progressive Loading section and Step 1. - Boundary markers: There are no explicit instructions or delimiters used to isolate processed paper content from the agent's core instructions.
- Capability inventory: The skill utilizes the
Bash,Write,Edit, andGlobtools to perform its tasks. - Sanitization: No sanitization or validation of the ingested draft content is performed. This is considered a low-risk surface inherent to document-processing assistants.
Audit Metadata