craft-author-voice
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user-provided writing samples to generate a style guide, creating a surface for indirect prompt injection.
- Ingestion points: User-provided text samples and feedback collected in Phase 1 (Question 9) and Phase 3 (Refinement Cycles).
- Boundary markers: The skill does not implement explicit delimiters or instructions to ignore embedded commands within user samples when writing to AUTHOR_VOICE.md.
- Capability inventory: The skill uses tools for file searching (Glob), reading and writing files (AUTHOR_VOICE.md), and delegating tasks to a sub-agent (voice-writer).
- Sanitization: No filtering or sanitization is performed on the user-provided content before it is incorporated into the style document.
Audit Metadata