api-writer
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions in SKILL.md are strictly focused on professional document generation and workflow management. There are no attempts to bypass safety filters or override system instructions.
- [DATA_EXFILTRATION]: The skill uses glob patterns to identify local project files for context gathering. However, no network operations (such as curl or fetch) or hardcoded credentials were detected that would facilitate data exfiltration.
- [COMMAND_EXECUTION]: The skill does not contain any shell commands, subprocess calls, or script execution patterns. Its operations are limited to reading local files and generating text output based on templates.
- [EXTERNAL_DOWNLOADS]: No external URLs or remote resource fetches were identified in the skill files or templates.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an ingestion surface as it reads external documents (PRDs). However, it lacks exploitable capabilities like code execution or network access.
  - Ingestion points: Glob scanning of local markdown and specification files.
  - Boundary markers: Relies on user confirmation steps via AskUserQuestion.
  - Capability inventory: No dangerous tools (exec, eval, network) are available to the skill.
  - Sanitization: Output is restricted to markdown document templates.