skill-writer
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a workflow for ingesting and synthesizing external content to author or update skills and scripts, which creates a surface for indirect prompt injection.\n
- Ingestion points: Untrusted external and local sources are collected and scored during the synthesis phase (Step 2) as directed by 'references/synthesis-path.md'.\n
- Boundary markers: The main 'SKILL.md' does not define specific delimiters or instructions to ignore embedded commands in the ingested data.\n
- Capability inventory: The skill is capable of writing and updating 'SKILL.md' files and creating supporting reference scripts (Step 4).\n
- Sanitization: The skill includes a specific mitigation step to 'Apply trust and safety rules when ingesting external content' (Step 2).
Audit Metadata