technical-writer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted requirement documents from the docs/requests/ directory, which presents a surface for indirect prompt injection.
  - Ingestion points: Document files are read from the docs/requests/ directory as defined in the Phase 0 workflow of SKILL.md.
  - Boundary markers: None implemented; the skill does not use specific delimiters or instructions to distinguish between user-provided data and agent instructions.
  - Capability inventory: The skill generates textual content and writes it to a local markdown file at docs/specs/writer-nfr.md. It lacks capabilities for network access, shell command execution, or code evaluation.
  - Sanitization: No validation or sanitization logic is applied to the content of the ingested documents.
- [NO_CODE]: The skill consists solely of Markdown instructions, workflow definitions, and reference templates. No Python scripts, Node.js packages, or other executable files are included in the skill bundle.
Audit Metadata