consult-outside-expert

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
PROMPT_INJECTION  COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted 'Artifacts' and 'External Review' feedback as part of its core loop, creating an indirect injection surface.
      • Ingestion points: Artifacts (files) and external expert responses entering the agent context as described in references/guide.md.
      • Boundary markers: The guide uses markdown headers and templates to structure inputs, but lacks explicit instructions to the agent to ignore or escape instructions contained within the reviewed content.
      • Capability inventory: The agent has the capability to read/write local files and execute shell commands.
      • Sanitization: There is no evidence of sanitization, filtering, or validation of the content of the artifacts or the feedback before processing.
  • [COMMAND_EXECUTION]: The references/guide.md file provides a suite of shell commands (using grep, test, wc) for the agent to execute in order to verify the structure and existence of session logs.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 11:25 AM