knowledge-synthesis
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
  - Ingestion points: The skill reads data from '.claude/tmp/_evidence-{slug}.md' and '.claude/tmp/_sources-{slug}.md' which are likely populated by previous research tasks.
  - Boundary markers: The instructions do not define delimiters or isolation markers for the external content being processed.
  - Capability inventory: The skill uses 'Read', 'Write', 'Edit', and 'TaskCreate' tools, allowing it to modify the file system and generate new agent tasks based on the synthesis.
  - Sanitization: There is no mechanism described for validating or sanitizing the ingested evidence before it is used in the synthesis process.