community-building
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by ingesting untrusted data from external files.
- Ingestion points: Processes data from
MEMORY.mdandUSER.md(as referenced in SKILL.md). - Boundary markers: No delimiters or instructions are provided to the agent to ignore potentially malicious commands within the context files.
- Capability inventory: The skill does not utilize any tools for network access, file system modification, or command execution, limiting the impact of any injection.
- Sanitization: There is no evidence of input validation or sanitization for the ingested context data.
Audit Metadata