write-pad
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user data from the `pad.md` file and inline commands, which are used to guide the agent's behavior during the session.
  - Ingestion points: The agent reads the `pad.md` file at the project root and searches for source code files based on user-provided file paths and line numbers.
  - Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the data read from files.
  - Capability inventory: The agent's capabilities are limited to reading local files and writing to the `pad.md` file. It is explicitly instructed: "DO NOT implement anything and DO NOT change any other docs."
  - Sanitization: No validation or sanitization of input instructions or file content is performed.
- [NO_CODE]: This skill consists entirely of natural language instructions and markdown templates. It does not contain any executable scripts (e.g., Python, JavaScript, Shell).
Audit Metadata