proofread
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external files (.tex, .qmd, .typ, .md).
- Ingestion points: Uses 'Read' and 'Grep' tools to scan file contents (SKILL.md).
- Boundary markers: Absent. The instructions do not specify delimiters or provide guidance to the agent to ignore instructions embedded within the documents being proofread.
- Capability inventory: The skill has 'Write' and 'Task' capabilities, which could be potentially exploited if a document contains instructions that subvert the agent's primary task.
- Sanitization: Absent. There is no evidence of content filtering or sanitization before the text is analyzed by the language model.
Audit Metadata