project-manager
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions do not contain any attempts to bypass safety filters or override system instructions. All instructions are within the expected scope of project management automation.
- [COMMAND_EXECUTION]: The skill is configured to use the
Bashtool to process local project files and artifacts. No suspicious commands, shell modifications, or privilege escalation patterns were identified. - [SAFE]: The skill contains a surface for indirect prompt injection as it processes data from external-facing artifacts like PBIs, pull requests, and commit history.
- Ingestion points:
team-artifacts/pbis/, git PRs, and git commits (file names:SKILL.md). - Boundary markers: Absent.
- Capability inventory:
Bash,Write,Edit, andTaskCreatetools. - Sanitization: No input sanitization or validation logic is specified. Despite this surface, the skill is a legitimate utility and no malicious patterns involving these tools were found.
Audit Metadata