prompt-skill
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected. The content is strictly focused on UI formatting.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded secrets, or network exfiltration patterns were found. The skill operates locally on user input.
- [External Downloads] (SAFE): The skill references the 'questionary' package, which is a standard and well-known library for interactive CLI prompts. No unverified remote scripts or piped bash commands are present.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted user input via terminal prompts. While this represents a surface for indirect injection, the skill lacks the high-privilege capabilities (like network access or arbitrary shell execution) necessary to weaponize such an attack. Evidence:
  - Ingestion points: questionary.text, questionary.select, and other input functions in SKILL.md.
  - Boundary markers: Standard prompt delimiters are used, though no specific instructions to ignore embedded commands are present.
  - Capability inventory: The skill is restricted to Read/Write operations and UI rendering.
  - Sanitization: Includes basic input validation for titles and dates.
Audit Metadata