writing-structure-planner
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when analyzing user-provided writing material.
- Ingestion points: User content is ingested in SKILL.md (Step 1.1) where the agent is instructed to read everything the user provides.
- Boundary markers: No boundary markers or instructions to ignore embedded commands are present in the workflow.
- Capability inventory: The skill directs the agent to create and write to markdown files (writer-structure-material-analysis.md and writer-structure-options.md) as specified in SKILL.md (Steps 1.2 and 2.2).
- Sanitization: No sanitization or validation of the ingested user material is performed before processing or file creation.
- [COMMAND_EXECUTION]: The skill instructs the agent to perform file system operations, specifically creating and writing results to local markdown files in the project directory.
Audit Metadata