project-manager
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No security vulnerabilities, malicious instructions, or data exfiltration patterns were detected. The content is focused on professional project management governance.
- [NO_CODE]: The skill is comprised entirely of Markdown files (SKILL.md and reference templates). It does not ship with any Python, Node.js, or shell scripts, eliminating the risk of direct execution of malicious code.
- [COMMAND_EXECUTION]: Although the skill's metadata allows the use of the
Bashtool, the instructions themselves do not contain any predefined commands, subprocess calls, or scripts for execution. - [SAFE]: The skill functions by aggregating reports and updates from other team roles, which represents a potential surface for indirect prompt injection. However, the methodology described is purely instructional and lacks any dangerous capabilities that could be triggered by such data.
- Ingestion points:
SKILL.md(receives progress updates, technical feasibility reports, and quality check results from team roles). - Boundary markers: None identified in the instructional text.
- Capability inventory:
Read,Grep,Glob, andBashare listed as allowed tools. - Sanitization: No specific input validation or sanitization procedures are described.
Audit Metadata