research-mental-check
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by instructing the agent to read historical log files from '~/phd-log/mental-checkins/' to identify recurring patterns. This allows potentially untrusted content from past interactions to influence current agent logic.
  - Ingestion points: Historical markdown files located in the user's home directory.
  - Boundary markers: Absent; the skill does not define specific delimiters to isolate historical data from active prompts.
  - Capability inventory: The skill utilizes file system read and write operations.
  - Sanitization: Absent; log data is processed without escaping or validation.
- [COMMAND_EXECUTION]: The skill performs local file system operations to manage personal logs in the '~/phd-log/' directory. This involves the storage of sensitive personal reflections in plain-text markdown files on the user's local disk.
Audit Metadata