prose-fix
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a standard utility focused on text processing tasks such as fixing typos, removing double spaces, and standardizing punctuation. It includes specific instructions to preserve technical terms and the author's original voice.
- [COMMAND_EXECUTION]: The skill's workflow utilizes the
grepcommand-line tool to identify formatting issues (specifically em dashes) within local files. This is a standard and expected use of local utilities for this type of task. - [PROMPT_INJECTION]: The skill processes untrusted data from user-provided files, which represents a surface for indirect prompt injection.
- Ingestion points: Reads content from
.mdand.txtfiles. - Boundary markers: The skill does not implement specific delimiters or warnings to ignore instructions embedded within the target files.
- Capability inventory: The skill can read file contents, search using
grep, and perform in-place edits to files. - Sanitization: No sanitization is performed on the input text before it is processed by the agent.
- [DATA_EXFILTRATION]: No network operations, sensitive file access, or credential exposure were detected. The skill's scope is strictly limited to local text and markdown files.
Audit Metadata