ceo-board
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious instructions, obfuscation, or data exfiltration patterns were identified. The skill follows standard multi-agent orchestration practices within a local workspace.
- [NO_CODE]: The skill is entirely comprised of markdown documentation and instructions. No executable scripts, binary files, or installation commands are present in the audited content.
- [PROMPT_INJECTION]: Evaluated the attack surface for indirect prompt injection as the skill processes user-provided briefs to drive deliberations. The risk is assessed as safe given the limited capability set of the agent in this context.
- Ingestion points: Brief files located in the .pi/ceo-agents/briefs/ directory.
- Boundary markers: None explicitly defined in the provided instructions to delimit user input from agent reasoning instructions.
- Capability inventory: Reading and writing markdown and JSON files within the restricted .pi/ project workspace.
- Sanitization: No explicit sanitization or validation of brief content is mentioned.
Audit Metadata