cover-letter
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: The skill consists of Markdown instructions and templates for professional writing tasks. No malicious patterns, obfuscation, or unauthorized data access were detected.
- [NO_CODE]: No executable scripts or source code files are included in this skill, which relies entirely on natural language instructions.
- [SAFE]: The skill integrates with 'office-mcp', which is identified as a legitimate resource from the vendor 'claude-office-skills'.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface assessment: 1. Ingestion points: User-provided job postings and professional experience in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: 'create_docx' and 'docx_to_pdf' MCP tools. 4. Sanitization: Absent. The risk is considered safe as it is inherent to the skill's function as a writing assistant.
Audit Metadata