context-management
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes Read, Grep, and Glob tools to ingest content from project files, which creates a surface for indirect prompt injection.
- Ingestion points: Content ingested from local files via Read and Grep tools.
- Boundary markers: No explicit boundaries or ignore-instructions are defined to prevent the agent from following directives embedded in read files.
- Capability inventory: The skill allows the agent to Write to the filesystem.
- Sanitization: No sanitization or input validation is specified.
Audit Metadata