writing-revision
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill package contains no executable scripts (e.g., .py, .js, .sh) or binary files. It relies entirely on natural language instructions in SKILL.md and resources/revision-guide.md, and structured data in resources/evaluators/rubric_revision.json.
- [PROMPT_INJECTION]: The skill identifies as having a surface for indirect prompt injection through its processing of untrusted user-provided content.
- Ingestion points: The draft text provided by the user for revision, which is processed across all three revision passes.
- Boundary markers: Absent; the instructions do not specify the use of delimiters to isolate user text from the agent's internal logic or the generated analysis files.
- Capability inventory: The skill utilizes local file system operations to write and read analysis results (e.g., writer-pass1-clutter-analysis.md) in the current directory. It lacks network access, shell execution, or high-privilege operations.
- Sanitization: There is no evidence of input validation or content sanitization for the user drafts prior to analysis.
Audit Metadata