Skills
skills/abudhahir/superpowers/writing-skills/Gen Agent Trust Hub

writing-skills

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (MEDIUM): The files persuasion-principles.md and CLAUDE_MD_TESTING.md provide a framework for using 'Authority' and 'Commitment' principles to override an agent's internal reasoning. These patterns include high-severity markers such as 'YOU MUST', 'No exceptions', and 'If a skill existed and you didn't use it, you failed', specifically aimed at eliminating 'decision fatigue and rationalization'. This is a form of meta-prompt injection design.
  • [COMMAND_EXECUTION] (LOW): The script render-graphs.js utilizes child_process.execSync to run the system's dot binary. While input is passed via stdin, the execution of local binaries on files provided at runtime is a notable capability tier.
  • [DATA_EXPOSURE] (SAFE): No hardcoded credentials or sensitive file paths (e.g., .ssh, .aws) were detected in the provided scripts or documentation.
  • [INDIRECT_PROMPT_INJECTION] (LOW):
  • Ingestion points: render-graphs.js reads content from SKILL.md using fs.readFileSync.
  • Boundary markers: None. The script extracts code blocks based on regex and processes them.
  • Capability inventory: Subprocess execution of dot and file writing to the diagrams/ subdirectory.
  • Sanitization: None. The script extracts raw text from markdown blocks and pipes it directly to the system shell via dot.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:40 PM