document-writer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADS
Full Analysis
- PROMPT_INJECTION (LOW): The skill contains a specific 'Override' instruction in SKILL.md ('The sacrifice grammar for brevity rule does NOT apply here'). This is a benign stylistic constraint rather than an attempt to bypass safety filters or extract system prompts.
- EXTERNAL_DOWNLOADS (LOW): The file references/content-patterns.md suggests the installation of 'nuxt-content-twoslash' via pnpm. While the source repository (antfu/nuxt-content-twoslash) is a well-known community resource, it is not within the strictly defined 'Trusted Organizations' list, warranting a low-severity observation for package management.
- INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to process untrusted user content (blog posts/markdown). While it lacks explicit boundary markers for this data, its capabilities are limited to providing stylistic feedback and structural templates, presenting no significant risk of downstream privilege escalation or data exfiltration.
Audit Metadata