pmf-context
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection related to its processing of local project files.
  - Ingestion points: The skill reads markdown files located in the 'pmf/' directory, including 'icp.md', 'value-prop.md', 'aha-moments.md', and 'validation-plan.md', to display status summaries.
  - Boundary markers: There are no specific instructions or delimiters used to ensure that content within these files is not interpreted as instructions by the agent.
  - Capability inventory: The skill has access to 'Read', 'Write', 'Glob', and 'AskUserQuestion' tools across the project directory.
  - Sanitization: No mechanisms for escaping, validating, or sanitizing the ingested file content are specified in the skill logic.
Audit Metadata