doc-coauthoring
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design, as it is instructed to ingest and process content from external shared documents, messaging channels (Slack/Teams), and user-provided context. • Ingestion points: Stage 1 (Context Gathering) and Stage 3 (Reader Testing) within SKILL.md. • Boundary markers: Absent; the instructions do not implement specific delimiters or 'ignore' directives to isolate untrusted external content from the agent's logic. • Capability inventory: The skill utilizes create_file, str_replace, and sub-agent invocation to manage document artifacts and perform validation. • Sanitization: Absent; external content is processed directly to generate document drafts and test questions.
Audit Metadata