synthesizer
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to process untrusted data from research notes and reviews, creating a vulnerability surface where malicious instructions in the source material could influence the agent. 1. Ingestion points: Source documents from Researcher. 2. Boundary markers: Absent. 3. Capability inventory: Writing analysis documents to the filesystem. 4. Sanitization: Absent.
- Data Exposure (LOW): The skill accesses specific metadata files in the home directory (~/.claude/skills/archive-workflow/...) for archival compliance checks, which is a specific file system interaction.
Recommendations
- AI detected serious security threats
Audit Metadata