technical-writer
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or data exfiltration attempts were detected in the skill instructions or reference documentation.
- [COMMAND_EXECUTION]: The skill provides a local Python script (
scripts/validate_markdown.py) for linting documentation. This script uses standard Python libraries and performs read-only file operations to verify structure and style without performing dangerous system calls or network requests. - [PROMPT_INJECTION]: The skill processes user-provided documentation files, which represents a surface for indirect prompt injection. 1. Ingestion points: documentation files in the
docs/directory andREADME.md. 2. Boundary markers: None explicitly defined to separate documentation data from instructions. 3. Capability inventory: The skill can read and edit documentation files and execute a local Python script for validation. 4. Sanitization: No natural language instruction filtering is performed; validation is limited to Markdown structure and style. Since document processing is the primary function of this skill, this surface is considered a functional requirement rather than a malicious finding.
Audit Metadata