proposal-automation
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a significant surface for indirect prompt injection because it is designed to ingest and process untrusted external data which then drives complex agent behaviors.
- Ingestion points: Untrusted data enters the agent context through customer briefs, RFPs, RFIs, and discovery notes parsed in
SKILL.md(Phase 1.1). - Boundary markers: The skill lacks instructions for the agent to use delimiters or safety filters to separate external input from its internal logic.
- Capability inventory: The skill provides instructions for the agent to autonomously generate and execute software code, including database migrations and build operations (
SKILL.md, Phase 4). - Sanitization: There are no explicit instructions for validating or sanitizing the content of external documents before they are used to generate proposals or POC code.
- Remediation: Implement strict boundary markers for external data and ensure that any code generation or build tasks occur in a secure, isolated sandbox environment.
- [NO_CODE]: This skill package consists entirely of Markdown-based documentation and templates; it contains no executable scripts or binaries.
Audit Metadata