neurodivergent-visual-org

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection due to its handling of untrusted data inputs.
  • Ingestion points: The skill parses user messages for distress signals and reads settings from a project-level configuration file (.claude/neurodivergent-visual-org-preference.yml).
  • Boundary markers: The instructions do not define delimiters or structural safeguards to separate operational instructions from the data loaded from configuration files or user messages.
  • Capability inventory: The skill utilizes powerful tools including Read, Write, Edit, and Bash(cmd:*), which could be leveraged if the agent's logic is subverted through malicious input.
  • Sanitization: No explicit sanitization or validation logic is provided to filter user input or configuration values before they are processed or rendered into Mermaid diagrams.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 01:54 PM