juma-client-brief
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or technical vulnerabilities were detected across the analyzed files. The skill is entirely instructional.
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by ingesting raw client text. This is assessed as safe because the skill lacks exploitable capabilities such as shell access or network connectivity. Ingestion point: Raw client request capture in SKILL.md. Boundary markers: Output template uses markdown blockquotes to isolate client text. Capability inventory: No subprocess, network, or file-write operations. Sanitization: Step 7 incorporates a mandatory human-in-the-loop review and approval phase.
Audit Metadata