de-AI-writing
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection as it is designed to ingest and process external text for rewriting and translation.
- Ingestion points: The skill reads external content provided by the user or from files using the
Readtool for the purpose of style adjustment and translation as defined inSKILL.mdandreferences/translation-guardrails.md. - Boundary markers: No explicit delimiters or specific boundary instructions are used to separate user-provided text from the agent's core processing logic.
- Capability inventory: The skill has access to
Read,Write, andEdittools, allowing it to modify local files based on the processed output. - Sanitization: The skill's extensive style rules (e.g., in
references/ai-trace-detector.md) serve as a functional filter. By strictly prohibiting specific words, sentence structures, and 'roadsign' phrases typical of AI models, it is likely to disrupt or remove common prompt injection payloads embedded within the input text. - [SAFE]: The skill includes a local PowerShell script (
tools/style-lint.ps1) for text analysis. - The script calculates metrics such as paragraph density and punctuation usage to verify adherence to style guidelines.
- It uses Unicode-escaped character literals (e.g.,
\u800c\u662ffor '而是') to maintain consistent pattern matching for Chinese characters across different system encoding environments. - The script performs static analysis and does not utilize dynamic code execution or external network calls.
Audit Metadata