challenge-onboarding
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The analyzed skill consists entirely of markdown documentation, logic descriptions, and JSON/markdown file templates. It does not include any Python, Node.js, or shell scripts.
- [SAFE]: The external links provided (The Coaching Tools Company and GoalsWon) are for educational reference and best practices. These are well-known resources in the coaching industry and do not present a security risk.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes untrusted user input to generate challenge configurations and schedules.
- Ingestion points: User responses during the 5-phase onboarding flow (e.g., challenge names, milestones, punishment descriptions).
- Boundary markers: Absent; user input is directly interpolated into file templates without explicit delimiters or instructions to the agent to ignore embedded commands.
- Capability inventory: Writing configuration files to the local file system at
~/.openanalyst/challenges/. - Sanitization: Not explicitly defined in the logic; the skill relies on the underlying agent's standard safety filters.
- [DATA_EXPOSURE]: The skill specifies the creation of local files in the user's home directory (
~/.openanalyst/). These files store user-defined goals and commitments. This is considered standard functional behavior for an accountability application and does not involve external exfiltration.
Audit Metadata