guided-ooda-loop
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill represents a legitimate reasoning framework designed to structure complex tasks. It manages state via local files and relies on standard agent tools for research and code analysis, with no evidence of malicious intent or unauthorized actions.
- [INDIRECT_PROMPT_INJECTION]: The skill maintains a data ingestion surface that is potentially vulnerable to indirect prompt injection from processed research and user input. This is inherent to the skill's purpose and is mitigated by structured interaction and explicit user confirmation steps.
- Ingestion points: Data is collected in
rough-idea.md,observe/research.md, andobserve/idea-honing.mdfrom external research and user responses. - Boundary markers: The system uses markdown formatting and frontmatter for structure but lacks explicit delimiters or instructions to ignore embedded commands within ingested data.
- Capability inventory: The skill has the ability to write to the file system and utilize web search tools like 'peccy web search'.
- Sanitization: There is no explicit sanitization of external content before it is written to artifacts, though the process is mediated by a multi-step user interaction.
Audit Metadata