skill-writer
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates a workflow that ingests external content, creating a surface for indirect prompt injection attacks.
- Ingestion points: External and local sources are collected and synthesized in Step 2 and Step 4.
- Boundary markers: The skill references 'trust and safety rules' and 'depth gates' in its workflow, but no explicit delimiters are defined in the SKILL.md file.
- Capability inventory: The skill possesses the capability to author and update SKILL.md files and supporting scripts, allowing injected instructions to be persisted into new skill artifacts.
- Sanitization: The instructions mention safety rules but do not specify technical sanitization or validation methods for the synthesized data.
Audit Metadata