po-journey-architect
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWSAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to bypass AI safety filters, override system instructions, or extract the system prompt.
- [Data Exposure & Exfiltration] (SAFE): The skill does not contain any hardcoded credentials, sensitive file paths, or network communication commands.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external packages or remote scripts are referenced or executed. The skill is entirely comprised of markdown instructions.
- [Indirect Prompt Injection] (LOW): The skill's primary function is to ingest and analyze untrusted external data in the form of product specifications.
- Ingestion points: Triggered by requests to review product specs and design user journeys (SKILL.md).
- Boundary markers: Absent; the instructions do not specify delimiters for untrusted content.
- Capability inventory: The skill only generates text and Mermaid diagrams. It has no capabilities for file modification, network requests, or subprocess execution.
- Sanitization: No sanitization or input validation logic is present to filter malicious instructions within processed documents.
- [Persistence & Privilege Escalation] (SAFE): No system-level commands, task scheduling, or permission modifications are present.
Audit Metadata