every-style-editor
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of processing untrusted text content while having access to file-modification tools.
- Ingestion points: External text is ingested through tools like Read and WebFetch as defined in the skill's configuration.
- Boundary markers: The instructions lack explicit delimitation or directives to ignore instructions embedded within the text being edited.
- Capability inventory: The agent is granted access to high-privilege tools including Edit, MultiEdit, Write, and NotebookEdit, which could be exploited if an injection is successful.
- Sanitization: There is no instruction or logic provided to sanitize input or validate content before it is processed by the agent.
Audit Metadata