From 28a05f994092c52e5e84a66b267b8aa47f592d38 Mon Sep 17 00:00:00 2001
From: Dan Ballance <danballance@users.noreply.github.com>
Date: Sun, 1 Feb 2026 15:05:46 +0000
Subject: [PATCH] Docs: Fix typo in docs/tools/skills.md (#3050)

---
 docs/tools/skills.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/tools/skills.md b/docs/tools/skills.md
index 535df1c34..b4a142e33 100644
--- a/docs/tools/skills.md
+++ b/docs/tools/skills.md
@@ -68,7 +68,7 @@ that up as `<workspace>/skills` on the next session.
 
 ## Security notes
 
-- Treat third-party skills as **trusted code**. Read them before enabling.
+- Treat third-party skills as **untrusted code**. Read them before enabling.
 - Prefer sandboxed runs for untrusted inputs and risky tools. See [Sandboxing](/gateway/sandboxing).
 - `skills.entries.*.env` and `skills.entries.*.apiKey` inject secrets into the **host** process
   for that agent turn (not the sandbox). Keep secrets out of prompts and logs.