write
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user input that could contain malicious instructions designed to influence the final prose or the behavior of the reviewer agent.
- Ingestion points: User context is gathered via the $ARGUMENTS variable and the AskUserQuestion function as defined in SKILL.md.
- Boundary markers: The instructions do not define clear delimiters (e.g., XML tags or triple quotes) to separate user-provided context from the system's own instructions.
- Capability inventory: The skill performs file system write operations (creating draft-{topic-slug}.md) and invokes secondary agents (writing-reviewer), which could be manipulated if the input is not handled safely.
- Sanitization: There is no explicit logic described for sanitizing or escaping the user's input before it is passed to the generation or review stages.
Audit Metadata