Context Manager
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (INFO): This skill contains no executable scripts, binaries, or configuration files. It is strictly a markdown-based instruction set.
- [PROMPT_INJECTION] (LOW): Vulnerability surface identified for Indirect Prompt Injection (Category 8). The skill instructs the agent to ingest and summarize conversation history. 1. Ingestion points: Conversation history and user-provided inputs within the logic of 'Workflow 2' and 'Workflow 3'. 2. Boundary markers: Absent in the provided prompt templates. 3. Capability inventory: The skill influences the agent's internal reasoning and memory state. 4. Sanitization: No explicit sanitization or filtering of historical content is described.
Audit Metadata