pre-write-checklist
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized access patterns were detected. The skill's operations are restricted to reading local project files to improve AI performance.
- [DATA_EXPOSURE]: The skill accesses project-specific files such as 'character-state.json' and 'specification.md'. This data access is aligned with the skill's primary function and is restricted to the local workspace via the 'Read' and 'Grep' tools.
- [INDIRECT_PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it automatically ingests data from external story files.
- Ingestion points: Multiple files including 'memory/constitution.md', 'stories//specification.md', and 'spec/tracking/.json'.
- Boundary markers: Absent; the skill directs the agent to read file contents directly into the context.
- Capability inventory: Uses 'Read' and 'Grep' tools; no network or shell execution capabilities are present.
- Sanitization: Absent; the content is loaded as raw context. However, as this is the intended primary purpose of the skill for a writer's assistant, the risk is considered negligible for the user.
Audit Metadata