doc-coauthoring
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its document context gathering design.
- Ingestion points: The skill is designed to read and process content from user-provided links, files, and integrations with services like Slack, Teams, Google Drive, and SharePoint.
- Boundary markers: The instructions do not specify the use of delimiters or provide warnings to the agent to ignore instructions embedded within the external content.
- Capability inventory: The agent has the ability to create and modify files in the working directory using 'create_file' and 'str_replace' and can invoke sub-agents to process document content.
- Sanitization: The skill lacks any instructions for validating or sanitizing the content fetched from external sources before it is used in the drafting process.
Audit Metadata