decision-toolkit
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches font resources from Google's well-known font service (fonts.googleapis.com) to style its interactive HTML templates.
- [PROMPT_INJECTION]: The skill ingests untrusted external data, such as meeting transcripts and notes, to generate its decision-making frameworks. This creates a surface for indirect prompt injection.
- Ingestion points: SKILL.md (Step 1: Gather Context).
- Boundary markers: The skill uses simple template placeholders (e.g., {{CONTEXT}}) for data interpolation, which may not prevent the agent from obeying instructions embedded in the transcripts.
- Capability inventory: The skill has the capability to generate interactive HTML files with JavaScript and trigger local file downloads.
- Sanitization: No explicit sanitization or validation of the input transcript data is performed before processing.
- [COMMAND_EXECUTION]: The skill generates interactive HTML tools and Markdown export templates that include client-side JavaScript. This code manages the decision-making state and enables users to download generated records locally through the browser.
Audit Metadata