pbi-challenge
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted PBI drafts from directory 'team-artifacts/pbis/' or user-provided paths.
- Ingestion points: PBI content is read into the agent's context during Step 1 of the workflow.
- Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the analyzed documents.
- Capability inventory: The skill uses TaskCreate and AskUserQuestion; it lacks file-write or network egress capabilities.
- Sanitization: No validation or escaping is applied to the ingested content.
Audit Metadata