fpf-strategize
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE NO_CODE PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill is composed strictly of Markdown documentation and prompt instructions, with no executable scripts or binaries included.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it ingests untrusted data from external problem (PROB-) and state-of-the-art (SOTA-) files to generate its output. No boundary markers are defined to delimit external content, and the file path construction, which uses a user-influenced slug, has no explicit sanitization. This vulnerability surface is documented as an inherent risk of processing untrusted architectural documentation.