process-rules
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it processes and persists data from untrusted session logs into long-term memory. Ingestion points: Reads and summarizes session history and user-reported mistakes. Boundary markers: Absent; no clear delimiters separate session data from the instructions being generated. Capability inventory: Modifies persistent documentation files including
workflows/*.mdandLESSONS_LEARNED.md. Sanitization: None specified. Mitigation: The skill protocol explicitly mandates user approval for all rule changes and workflow edits. - No Code (SAFE): No executable scripts, binaries, or system commands are present in the provided skill file.
Audit Metadata