markdown-stylist-tw

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions consist solely of formatting and stylistic rules for Markdown documents. No evidence was found of attempts to bypass safety filters, override system instructions, or extract system prompts.
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, tokens, or private keys were identified in the skill files or metadata.
  • [DATA_EXFILTRATION]: There are no network operations (curl, wget, etc.) or access to sensitive file paths (such as .ssh, .aws, or .env) that would indicate data exfiltration or unauthorized data exposure.
  • [REMOTE_CODE_EXECUTION]: The skill does not perform any remote package installations or download and execute external scripts. All operations are restricted to text formatting.
  • [COMMAND_EXECUTION]: No shell commands, subprocess calls, or privilege escalation attempts (sudo) were detected. The skill is entirely descriptive and instruction-based.
  • [INDIRECT_PROMPT_INJECTION]: The skill identifies user prompts as ingestion points for generating reports or translations. While it does not implement specific boundary markers or sanitization for input, it lacks any functional capabilities (such as file writes or network requests) that could be leveraged by an attacker to cause harm.
      • Ingestion points: User prompts for document generation and translation (e.g., SKILL.md, evals/evals.json).
      • Boundary markers: None present.
      • Capability inventory: None. The skill does not use tools or execute code.
      • Sanitization: None present.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 10:49 AM