evidence-consistency-auditor

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze external documents to verify claim consistency, which presents an attack surface for indirect prompt injection.
    - Ingestion points: The skill reads files such as tracking/source-register.md, tracking/review-notebook.md, and other user-provided processed inputs.
    - Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat external data as untrusted or to ignore embedded instructions.
    - Capability inventory: Across all files, the skill's capabilities are limited to reading from and writing to local markdown files in the tracking/ directory. There are no network requests, subprocess calls, or system-level file access.
    - Sanitization: There is no evidence of sanitization, filtering, or validation of the content within the ingested documents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 05:15 AM