wisdom-accountability-coach
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill exhibits an indirect prompt injection surface. * Ingestion points: Untrusted data enters the agent context through
mcp__firecrawl__firecrawl_search,mcp__brave-search__brave_web_search, andWebFetch. * Boundary markers: Absent. The skill does not provide instructions to delimit or ignore potentially malicious instructions embedded in fetched search results. * Capability inventory: The skill possesses file-system modification capabilities (Write,Edit,TodoWrite) and network access (WebFetch). * Sanitization: Absent. There is no evidence of sanitization or validation logic for data retrieved from external sources. - Data Exposure (SAFE): No sensitive file paths (e.g., .ssh, .aws) are accessed, and no hardcoded credentials were found.
- Remote Code Execution (SAFE): The skill does not download external packages or execute remote scripts via shell piping or similar methods.
- Persistence (SAFE): No mechanisms for maintaining access, such as modifying startup scripts or cron jobs, were detected.
Audit Metadata