writing-skills

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a Node.js utility script, render-graphs.js, which executes the system command dot (Graphviz) via execSync. This is used to transform dot code blocks within SKILL.md into SVG diagrams for visualization. The script uses standard input for the graph data and sanitizes output filenames using an alphanumeric regex, which mitigates common shell injection and path traversal risks.
  • [PROMPT_INJECTION]: The skill documentation, particularly in persuasion-principles.md, instructs the AI to use 'Authority' and 'Commitment' principles (e.g., 'YOU MUST', 'No exceptions', 'Delete means delete') to ensure compliance with the TDD methodology. While these are powerful directives designed to override an agent's tendency to rationalize skipping steps, they are used to enforce the skill's own quality standards rather than to bypass safety filters or extract system information.
  • [DATA_EXPOSURE]: There are no hardcoded credentials, secrets, or references to sensitive local files (such as SSH keys or environment configurations) within the skill files.
  • [EXTERNAL_DOWNLOADS]: The skill does not perform unauthorized network requests or download external code. It includes a copy of Anthropic's official best practices for context, which is a trusted source.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 09:56 AM