weekly-report-writer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documents and templates. It does not include any scripts, binaries, or other executable code, which eliminates common attack vectors related to remote code execution or malicious software.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it is designed to ingest and process contents from external local files.
- Ingestion points: Markdown files within the user-provided directory and linked documents are read into the agent's context.
- Boundary markers: The instructions do not specify any delimiters to separate file content from the agent's internal instructions.
- Capability inventory: The skill is limited to file reading and document synthesis; it does not request or use capabilities for network access, persistence, or shell execution.
- Sanitization: There is no instruction to validate or filter the content retrieved from the files.
Audit Metadata