ai-proofreading
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The 'Memory & Self-Evolution' feature creates an Indirect Prompt Injection vulnerability surface.
  - Ingestion points: Untrusted data enters the context during the proofreading process (user-provided articles) and through feedback provided after the task. The agent reads from and writes to memory/preferences.md.
  - Boundary markers: Absent. The skill does not provide delimiters or instructions to help the agent distinguish between the text being proofread and the user's actual instructions or feedback.
  - Capability inventory: The agent is explicitly instructed to use a 'File Edit' tool to modify its persistent memory file on the local filesystem.
  - Sanitization: Absent. The agent is directed to immediately update the memory/preferences.md file with any identified 'long-term preferences' without any validation or filtering of the content.
Audit Metadata