context-fundamentals
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides utilities for constructing agent context from external inputs, creating a surface for indirect prompt injection.
- Ingestion points: scripts/context_manager.py (functions load_summary, load_detail, and build_agent_context) and the documents parameter.
- Boundary markers: The documentation in SKILL.md and references/context-components.md suggests using XML-style tags to delineate context sections.
- Capability inventory: scripts/context_manager.py implements file read operations using the open function.
- Sanitization: No explicit sanitization or path validation is performed on data integrated into the context.
Audit Metadata