doc-coauthoring
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements a procedural workflow for document creation that matches its stated purpose. It does not contain any malicious code, obfuscation, or unauthorized data access attempts.- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection, as it is designed to ingest and process external data from documents and messaging threads. However, this risk is inherent to its primary function of documentation co-authoring.
- Ingestion points: Reads content from user-provided files, links to shared documents, and messaging integration threads (e.g., Slack, Teams).
- Boundary markers: The workflow does not explicitly define markers to isolate external content from the agent's instructions.
- Capability inventory: Employs tools for file creation (
create_file), string replacement (str_replace), and integration searches. - Sanitization: No specific content sanitization or validation of the ingested content is described beyond the host model's standard filters.
Audit Metadata