draft-writing
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes specialized tools for file manipulation (write_draft, patch_draft) and quality control (run_quality_checks). These tools are used to maintain manuscript structure and academic rigor within the project scope.
- [PROMPT_INJECTION]: The skill demonstrates an indirect injection surface by ingesting data from user-editable files.
- Ingestion points: Content is retrieved from draft files and concept.md via the read_draft tool during the writing workflow (SKILL.md).
- Boundary markers: The instructions do not define specific delimiters or instructions to ignore potential commands embedded in the drafts.
- Capability inventory: The skill has permissions to write to the filesystem and execute internal quality-check hooks.
- Sanitization: There is no explicit mention of sanitizing or escaping the content read from files before it is processed by the agent.
- [DATA_EXFILTRATION]: The skill manages a local persistence layer for snapshots at drafts/.snapshots/ using an internal DraftSnapshotManager. No external network operations or sensitive data access patterns were identified.
Audit Metadata