monthly
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface due to its core function of summarizing content from user-generated files. \n
- Ingestion points: Reads daily notes and project documentation files (CLAUDE.md). \n
- Boundary markers: None identified in the skill instructions. \n
- Capability inventory: File read/write/edit and task management tools. \n
- Sanitization: No specific input sanitization is performed on the data read from local files. \n- [SAFE]: No malicious behavior, obfuscation, or unauthorized data access patterns were identified. All operations, including file reading and writing to the Goals directory, align with the skill's stated purpose of rolling up weekly reviews and planning the next month's focus.
Audit Metadata