writing-agents-md
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill consists of instructional guidelines and principles for optimizing configuration files without executing dangerous commands or accessing sensitive data.
- [EXTERNAL_DOWNLOADS]: The documentation references external resources from trusted and well-known domains, including arxiv.org, youtube.com, and addyosmani.com. These are provided for educational context and do not involve automated execution of untrusted remote code.
- [INDIRECT_PROMPT_INJECTION]: While the skill is designed to ingest and process external files (AGENTS.md/CLAUDE.md) that could theoretically contain malicious instructions, it explicitly implements a defensive workflow. It instructs the agent to treat these files as historical input only and to prioritize the repository's codebase as the primary source of truth, effectively mitigating potential injection attacks embedded in the processed configuration files.
Audit Metadata