Skills
skills/generaljerel/chalk-skills/create-doc/Gen Agent Trust Hub

create-doc

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-provided input from the $ARGUMENTS variable to generate documentation content, creating a vulnerability surface for indirect prompt injection.
  • Ingestion points: The documentation topic and substantive content are derived directly from the $ARGUMENTS provided by the user.
  • Boundary markers: The workflow lacks explicit delimiters or instructions to the agent to treat the user-supplied content as untrusted data or to ignore potentially malicious instructions embedded within that data.
  • Capability inventory: The skill utilizes the Write, Read, and Glob tools to create and manage markdown files within the .chalk/docs/ directory structure.
  • Sanitization: There is no evidence of sanitization, validation, or escaping of the user-provided input before it is written to the local filesystem.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 10:02 AM