written-communication
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill ingests untrusted user data (notes, Slack threads) as source material. However, the workflow is limited to text summarization and formatting into Markdown templates. There is no execution path for the ingested content.
- [Data Exposure & Exfiltration] (SAFE): No exfiltration patterns or hardcoded credentials detected. The
references/CHECKLISTS.mdfile contains an explicit safety requirement for the agent to ensure no secrets, credentials, or PII are included in the generated artifacts. - [Unverifiable Dependencies] (SAFE): The skill is entirely Markdown-based and does not include any Python or Node.js package manifests or remote script downloads.
- [Command Execution] (SAFE): No shell commands, privilege escalation, or persistence mechanisms are present. File writing is handled by the agent's native capabilities at the explicit request of the user for document generation.
Audit Metadata