project-manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill instructions explicitly direct the agent to 'Review documentation' and 'Reference available project documentation' within the repository to guide its planning and recommendations. If an attacker can commit files to the repository (like 'development guidelines' or 'coding standards'), they could embed instructions to influence the agent's behavior.
- Ingestion points: Repository-based project documentation, standards, and guidelines (SKILL.md).
- Boundary markers: Absent; there are no instructions for the agent to distinguish between administrative metadata and instructions in those files.
- Capability inventory: None; the skill provides high-level coordination instructions and does not define executable scripts or tool calls itself.
- Sanitization: Absent; the prompt does not specify any validation or sanitization of external content.
- [No Code] (SAFE): This skill is entirely instructional (Prompt-based) and does not include any scripts, executables, or dependency files (e.g., package.json, requirements.txt).
Audit Metadata