project-manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses an attack surface where malicious instructions could be embedded in the data it processes.
- Ingestion points: The workflow involves reading PBIs from team-artifacts/pbis/ and scanning git commit history.
- Boundary markers: Absent. The skill does not instruct the agent to treat the ingested data as untrusted or to ignore instructions contained within those files.
- Capability inventory: The skill uses Write, Edit, and WebSearch tools, which could potentially be misused if the agent obeys an instruction embedded in a commit message or task description.
- Sanitization: No sanitization or validation logic is defined for the external content.
Audit Metadata