diary
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill functions as a productivity tool for maintaining implementation logs. It uses standard file operations within the project's documentation directory and does not require elevated privileges or external network connections. The verbatim prompt recording may lead to accidental exposure of sensitive data if prompts contain secrets and files are shared, but this is a consequence of the tool's intended purpose.
- [PROMPT_INJECTION]: The skill features a surface for indirect prompt injection (Category 8) by recording user interactions in documentation.
- Ingestion points: The skill directs the agent to save the 'Verbatim prompt' in diary files located in `docs/diary/` as instructed in `SKILL.md`.
- Boundary markers: Prompts are stored under specific Markdown headers (`### Prompt Context`), providing structural separation but lacking explicit instructions for downstream agents to ignore embedded commands.
- Capability inventory: The skill is designed for documentation and project tracking, limiting its actions to file system management within the repository.
- Sanitization: No sanitization or escaping is performed on the user prompts before they are written to the diary files.
Audit Metadata