knowledge-consolidation
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs local command execution during the 'Pre-Flight Check' step by running
date '+%Y-%m-%d %H:%M'via Bash to generate timestamps for document metadata. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it systematically scans and processes untrusted data from multiple sources to build frameworks.
- Ingestion points: The skill reads content from
02-personal/braindumps/,03-professional/braindumps/,04-projects/,01-daily/briefs/, and01-daily/checkins/. - Boundary markers: The instructions do not define clear delimiters or 'ignore' instructions when interpolating the contents of these documents into the synthesis prompts.
- Capability inventory: The skill has the ability to create and update files in
05-knowledge/consolidated/, move files to00-inbox/archive/, and execute shell commands. - Sanitization: There is no evidence of sanitization or validation of the ingested markdown content before it is used to generate new frameworks or update existing ones.
Audit Metadata