osprey-appraise
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data such as client-provided audits, emails, and PDFs in Phase 1A, which creates a surface for indirect prompt injection.
  - Ingestion points: Phase 1A explicitly instructs the agent to read and extract findings from external documents in PDF, markdown, and email formats.
  - Boundary markers: No delimiters or protective instructions are used to distinguish external data from core instructions.
  - Capability inventory: The skill performs data extraction and proposal generation; it does not contain direct code execution capabilities.
  - Sanitization: No sanitization or validation steps for external content are defined.
- [NO_CODE]: The skill contains no executable scripts or binary files, consisting entirely of markdown instructions and templates.