diagram
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill is granted access to the
Bashtool to perform operations such as directory management and git-based auditing (e.g., comparing file dates). This is a standard but high-privilege capability for developer skills. - [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because its core logic requires the agent to
Readand follow the 'exact patterns and quality standards' found in external reference files and diagram content. Ingestion points: Content fromreferences/*.mdandai/diagrams/**/*.md. Boundary markers: Absent; the instructions do not specify delimiters or provide warnings to ignore embedded instructions in the data being processed. Capability inventory: IncludesBash,Write,Edit,Read, andGlob, which could be exploited if the agent follows malicious instructions in a diagram file. Sanitization: Absent; there is no logic provided to sanitize or validate the content of the markdown files before the agent adopts their patterns.
Audit Metadata