writing-skills
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The
render-graphs.jsscript invokes the systemdotcommand (from Graphviz) to convert diagram source code into SVG files. This is a legitimate utility function that processes data provided within the skill directory. - [PROMPT_INJECTION]: The skill instructs authors to use strong, authoritative language in their documentation to prevent AI agents from rationalizing away rules. These instructions are intended to improve the reliability of other skills and do not attempt to bypass the agent's safety guardrails or extract system-level prompts.
- [EXTERNAL_DOWNLOADS]: The instructional documents reference several well-known libraries such as
pdfplumber,pypdf, anddocx-jswithin code examples. These are presented as industry-standard patterns for specific tasks and are not installed or executed automatically by this skill.
Audit Metadata