agent-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates an 'Auto-Detect' feature that scans previous task history to identify inefficiency patterns and score performance. This creates a surface for Indirect Prompt Injection where malicious instructions embedded in the task history could attempt to manipulate the retrospective report.
- Ingestion points: The protocol in the SKILL.md file explicitly instructs the agent to 'Scan the task history for these patterns'.
- Boundary markers: There are no defined delimiters or instructions provided to the agent to disregard potential commands or adversarial text within the history being analyzed.
- Capability inventory: The skill is limited to generating a structured text report (retrospective), scores, and action items for future sessions.
- Sanitization: No sanitization, escaping, or validation logic is defined to filter the contents of the task history before analysis.
Audit Metadata