one-pager
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user data which could contain instructions that attempt to override the agent's behavior.
  - Ingestion points: The `documents`, `requirements`, and `data_points` fields in `SKILL.md` ingest external content.
  - Boundary markers: Absent. The template directly interpolates user input using `{{placeholder}}` syntax without using XML delimiters or specific 'ignore' instructions for the source content.
  - Capability inventory: Safe. The skill does not have access to any tools, filesystem operations, network requests, or shell execution.
  - Sanitization: Absent. There is no logic to filter or escape instructions within the provided documents.
- [No Code] (SAFE): The skill consists entirely of natural language instructions and templates. No Python or JavaScript code is included, eliminating risks associated with malicious dependencies or remote code execution.
Audit Metadata