onboarding
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate workspace setup and profile generation tasks as described in its purpose.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing conversational user input to populate configuration files.
- Ingestion points: Natural language user responses regarding name, role, interests, and projects are captured during the onboarding flow in SKILL.md.
- Boundary markers: Absent. User input is directly interpolated into markdown templates without specific delimiters or warnings to ignore embedded instructions.
- Capability inventory: The skill uses file and directory creation capabilities to write markdown files across the 00-inbox/, 03-professional/, and 04-projects/ directories.
- Sanitization: The skill does not implement explicit validation or escaping for user-provided strings before writing them to the file system.
Audit Metadata