storage-templates
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential surface for Indirect Prompt Injection (Category 8) identified in the described content lifecycle management workflows.
  - Ingestion points: Automation examples in `modules/lifecycle-stages.md` and `modules/template-patterns.md` demonstrate scripts that parse frontmatter from markdown files.
  - Boundary markers: The system uses standard YAML delimiters but lacks specific instructions to ensure the agent ignores or sanitizes instructions embedded within the managed content.
  - Capability inventory: The skill outlines processes involving file system management (moving and creating files) and automated decision-making based on file metadata.
  - Sanitization: While Python snippets use `yaml.safe_load`, the skill does not define validation or sanitization rules for the semantic content of the metadata fields, which could be exploited to influence agent behavior.
Audit Metadata