portfolio-intelligence
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it ingests untrusted data from git commits, branch changes, and file diffs.
- Ingestion points: Processes data from the git root, including commits, branch changes, and file diffs as described in the PR Description Generation section.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified in the framework to separate untrusted data from system instructions.
- Capability inventory: Utilizes tools such as
memory_search_all,pm_portfolio, andpm_askfor data retrieval and analysis across the codebase ecosystem. - Sanitization: No sanitization or escaping of external content is mentioned for the interpolated data during description generation.
Audit Metadata