Skills
skills/abpai/skills/human-writer/Gen Agent Trust Hub

human-writer

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user-supplied text and possesses file system permissions, creating a potential surface for indirect prompt injection.
  • Ingestion points: The skill ingests prose text provided by the user for the purpose of rewriting and editing (SKILL.md).
  • Boundary markers: Absent; the instructions do not define delimiters or specific constraints to prevent the agent from following instructions embedded within the user's text.
  • Capability inventory: The agent has access to Read, Write, Edit, Grep, and Glob tools, allowing for file system modifications based on the processed text (SKILL.md).
  • Sanitization: Absent; no escaping or validation of the input text is specified to mitigate the risk of embedded commands.
  • [EXTERNAL_DOWNLOADS]: The skill is instructed to perform a network fetch to check for updates.
  • Evidence: The agent fetches https://raw.githubusercontent.com/abpai/skills/main/versions.json to compare the local version against the remote metadata (SKILL.md).
  • Context: This is a standard version-checking mechanism targeting the author's own repository and does not involve automated execution of remote code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 12:29 AM