Skills
skills/olshansk/agent-skills/cmd-proofread/Gen Agent Trust Hub

cmd-proofread

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user-provided text ('the full post') and has instructions to 'edit the file directly'. This pattern exposes the agent to indirect prompt injection if the text contains malicious instructions.
  • Ingestion points: The agent is instructed to read the full post content within SKILL.md.
  • Boundary markers: There are no markers or delimiters specified to isolate user content from the agent's instructions.
  • Capability inventory: The skill specifies that the agent should 'edit the file directly' and 'apply all... fixes in place', which includes modifying text and links.
  • Sanitization: No sanitization or verification of the input text is performed before it is used to drive file-writing operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 05:47 AM