writing-skills
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a Node.js script
render-graphs.jsthat executes the system'sdotcommand viachild_process.execSync. This tool is used for rendering SVG diagrams from Graphviz markdown blocks provided in the skill documentation. The script also invokeswhich dotto check for the command's presence on the host system. - [EXTERNAL_DOWNLOADS]: Documentation and templates within the skill suggest installing several well-known third-party libraries (e.g.,
pdfplumber,pypdf,pdf2image,pytesseract,docx-js) using standard package managers likepipandnpm. These recommendations are contextual examples for implementing specific types of tasks and rely on official package registries. - [SAFE]: The 'Anti-Rationalization' and 'Persuasion Principles' sections provide educational content on how to write authoritative and resistant instructions for AI agents. These techniques are intended for developers to ensure that agents follow critical workflows (such as Test-Driven Development) and do not represent malicious prompt injection or attempts to bypass system safety filters.
Audit Metadata