bkn-modeling-advisor
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is an instructional guide for business logic modeling and does not utilize any tools, perform network requests, or execute shell commands.
- [PROMPT_INJECTION]: The modeling workflow involves processing user-provided documents (such as PRDs or flow documents) in Phase 3 and the 'from_doc' mode. This creates a surface for indirect prompt injection where instructions could be embedded in the processed data. However, the impact is low because the skill lacks capabilities to interact with the system or external services, limiting any potential exploit to the conversational context.
- [SAFE]: The interaction principles and modeling phases are transparent and focused on business terminology, with built-in quality gates that require user confirmation before final output.
Audit Metadata