doc-coauthoring
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted data from various sources to guide the writing process.
  - Ingestion points: Documentation context is gathered from user info-dumps, uploaded files, and external content fetched via integrations like Slack, Teams, or Google Drive.
  - Boundary markers: The workflow instructions do not include delimiters or specific guidance for the agent to ignore potentially malicious instructions embedded within the provided context or templates.
  - Capability inventory: The skill possesses the capability to create and modify files and to invoke sub-agents for document testing, which could be exploited if an injection occurs.
  - Sanitization: No input validation or sanitization is performed on the gathered context before it is incorporated into the drafting and refinement stages.