Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
NO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempt to bypass agent safety or override system prompts. The skill follows a standard instructional format for workflow automation.
- [Data Exposure & Exfiltration] (SAFE): The skill reads and writes to local project folders (daily notes, goals folder). It does not perform network calls or access sensitive system secrets like SSH keys or environment variables.
- [Remote Code Execution] (SAFE): No external scripts, packages, or remote downloads are specified. All logic is handled via the agent's built-in toolset.
- [Indirect Prompt Injection] (LOW): The skill processes daily notes which are external data.
  1. Ingestion points: reads files from daily notes folder.
  2. Boundary markers: uses markdown template structures but lacks explicit ignore markers for embedded instructions.
  3. Capability inventory: includes file write, edit, and task management.
  4. Sanitization: no explicit sanitization of input data is defined.

  An attacker with write access to the user's daily notes could attempt to influence the agent's behavior during the review process.