write-methods
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (INFO): The skill processes content from various project files which could contain malicious instructions. Evidence: 1. Ingestion points: 'scripts/*.py', 'params.yaml', 'dvc.yaml', and '.research/project_telos.md'. 2. Boundary markers: None present. 3. Capability inventory: The skill is limited to markdown generation and display. 4. Sanitization: None. Risk is negligible due to the lack of side-effect capabilities.
- Data Exposure & Exfiltration (LOW): The skill reads local project files to extract metadata for documentation. Evidence: Accesses '.research/project_telos.md' and 'scripts/'. This is standard for its purpose and does not target sensitive system credentials or provide network exfiltration paths.
Audit Metadata