doc-coauthoring
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill defines a procedural workflow for collaborative writing. It uses standard tool calls like create_file and str_replace for their intended purposes and manages external context via recognized integration patterns.
- [PROMPT_INJECTION]: Analyzed for potential indirect prompt injection surface due to external data processing.
- Ingestion points: The skill ingests data from external integrations (Slack, Teams, Google Drive, SharePoint), user-provided files, and shared document links during the 'Context Gathering' stage in SKILL.md.
- Boundary markers: The instructions do not include explicit delimiters or instructions for the agent to ignore potentially malicious embedded commands within the ingested text.
- Capability inventory: The skill uses the create_file and str_replace tools to create and modify document artifacts based on the gathered context.
- Sanitization: There is no evidence of automated sanitization or validation for the content pulled from external integrations before it is used in drafting.
Audit Metadata