writing-profile
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill maintains all user-specific data, including states and profile results, within the dedicated directory ~/.claude/writing-profile/. This approach ensures that the skill's operations are contained and do not impact sensitive system files or shell configurations.
- [PROMPT_INJECTION]: The /writing-profile review command creates a surface for indirect prompt injection.
  1. Ingestion points: Content is read directly from user-specified local files via the review argument in commands/review.md.
  2. Boundary markers: The skill does not implement delimiters or 'ignore' instructions to separate analyzed data from agent instructions.
  3. Capability inventory: The skill utilizes agent tools for file system management (mkdir, mv, rm, cat) within its operational scope.
  4. Sanitization: No sanitization is performed on ingested text, potentially allowing embedded instructions in a reviewed document to influence agent behavior.
Audit Metadata