writing-skills
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill documentation, particularly in
persuasion-principles.mdandtesting-skills-with-subagents.md, explicitly uses persuasion frameworks like "Authority" and "Commitment" to override the agent's internal reasoning and safety filters (referred to as "rationalization"). It employs imperative markers such as "YOU MUST", "Never", and "No exceptions" to ensure strict compliance with defined protocols. - [PROMPT_INJECTION]: The skill's primary function involves reading and acting upon external, potentially untrusted skill documentation files during the testing phase. This ingestion of untrusted data into the agent's instruction context creates an attack surface for indirect prompt injection, as there are no explicit boundary markers or sanitization procedures described for the processed content.
- [COMMAND_EXECUTION]: The utility script
render-graphs.jsutilizes the Node.jschild_process.execSyncfunction to execute system commands. Specifically, it invokes thedot(Graphviz) utility to render SVG diagrams, passing content extracted from markdown blocks directly to the subprocess via stdin.
Audit Metadata