vault-templates

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No attempts to override agent behavior or bypass safety guidelines were found in the instructions.
  • [DATA_EXFILTRATION]: The skill operates on local markdown files within the user's vault. No network operations or access to sensitive system files (e.g., SSH keys, credentials) were detected. All tools used (Grep, Edit, Read) are scoped to the file system context provided.
  • [REMOTE_CODE_EXECUTION]: No remote scripts are downloaded or executed. The skill relies on local commands like rg (ripgrep) for searching, which is standard for file management tasks.
  • [OBFUSCATION]: The content is clear and uses standard Markdown formatting. No hidden characters, Base64 encoding of commands, or other obfuscation techniques were identified.
  • [INDIRECT_PROMPT_INJECTION]: The skill reads external data (markdown files), which is a potential ingestion point for indirect prompt injection. However, the instructions provide specific, limited logic for string replacement (e.g., replacing {{title}} with the filename), which reduces the risk of the agent executing arbitrary instructions found within the files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 01:18 AM