professional-proofreader
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data from user-uploaded files (.docx, .pdf, .txt) and pasted text, creating a potential surface for indirect prompt injection.\n
- Ingestion points: Text extraction described in references/file-processing-mode.md and references/inline-text-mode.md.\n
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' markers to separate processing logic from user content.\n
- Capability inventory: The agent has capabilities to read file contents and save new files to the filesystem as outlined in SKILL.md.\n
- Sanitization: There is no evidence of sanitization or filtering applied to the external content before it is processed by the language model.
Audit Metadata