Skills
skills/jim60105/copilot-prompt/write-local-report/Gen Agent Trust Hub

write-local-report

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the project environment to populate reports.\n
  • Ingestion points: The agent reads project source code, file history, and existing reports in the .github/reports/ directory to document work performed.\n
  • Boundary markers: The instructions do not define delimiters or provide warnings to ignore instructions embedded within the processed project data.\n
  • Capability inventory: The skill has the capability to write files to the local file system (specifically in the .github/reports/ directory).\n
  • Sanitization: There is no mention of sanitizing or escaping content retrieved from the project before including it in the generated reports.\n- [NO_CODE]: This skill contains no executable scripts or source code; it consists solely of Markdown templates and documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 01:23 AM