faion-pm-traditional

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill has a high-severity attack surface for indirect prompt injection because it ingests untrusted project data and has the capability to modify project files.
  • Ingestion points: SKILL.md outlines auto-investigation routines that use Glob, Grep, and Read to pull content from various project files (e.g., **/risk*.md, **/charter*.md).
  • Boundary markers: The prompt templates in llm-prompts.md do not utilize any delimiters or 'ignore' instructions to isolate the data being analyzed from the agent's primary instructions.
  • Capability inventory: The skill is granted Write, Edit, and TodoWrite permissions, which provide the side-effect capabilities that malicious data could exploit.
  • Sanitization: There is no evidence of sanitization or validation logic for the content ingested from project files.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 04:04 AM