running-decision-processes
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns or security risks were identified. The skill is composed of purely static documentation and workflow templates.
- Indirect Prompt Injection (LOW): The skill processes user-supplied context for decision-making artifacts, creating a minor injection surface. Evidence Chain: 1. Ingestion points: Decision context provided by users in
SKILL.mdandreferences/INTAKE.md. 2. Boundary markers: Absent; templates do not use specific delimiters to isolate user-supplied data. 3. Capability inventory: The skill allows the agent to write files to user-specified directories as described inREADME.md. 4. Sanitization: Absent; inputs are directly interpolated into the Decision Process Pack. The risk is considered low as the skill lacks high-privilege capabilities such as arbitrary code execution or network exfiltration.
Audit Metadata