chapter-content-generator

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands (bash) to log session start and end times to the logs/ directory for tracking generation progress.
  • [COMMAND_EXECUTION]: The skill provides a Python script to validate the integrity and directionality of concept dependency edges in the docs/learning-graph/learning-graph.json file.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external data (e.g., docs/course-description.md, docs/glossary.md, and chapter index.md outlines) without boundary markers or sanitization, which could allow malicious content in those files to influence the agent's output or tool use.
      • Ingestion points: docs/course-description.md, docs/learning-graph/learning-graph.json, docs/glossary.md, CLAUDE.md, and chapter index.md files.
      • Boundary markers: None identified in the prompt interpolation steps.
      • Capability inventory: Shell access (bash), Python code execution, and the Task tool for spawning sub-agents.
      • Sanitization: No explicit filtering or validation of ingested text content is described.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 01:39 AM