ask
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill is composed entirely of natural language instructions and does not include any scripts, binaries, or executable code.
- [Indirect Prompt Injection] (SAFE): The skill processes external data (user arguments and local documentation) which is a common surface for indirect prompt injection; however, it uses appropriate delimiters and lacks high-risk capabilities.
- Ingestion points: Processes user input via
$ARGUMENTSand reads architectural context from files in./docs/and./.claude/workflows/. - Boundary markers: Arguments are wrapped in
<questions>tags to separate them from system instructions. - Capability inventory: The skill is limited to providing analysis and invoking a local
scout.mdskill; it cannot perform network operations or filesystem writes. - Sanitization: Uses structural XML-style tags to delimit untrusted input from the instruction prompt.
Audit Metadata