gps-method
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No evidence of malicious instructions or attempts to override system behavior detected. The instructions are focused entirely on the GPS goal-setting methodology.
- Data Exposure & Exfiltration (SAFE): No access to sensitive files or environment variables. There are no network operations (curl, fetch, etc.) present in the skill files.
- Unverifiable Dependencies & Remote Code Execution (SAFE): This is a no-code skill consisting only of Markdown instructions and templates. No external packages or scripts are downloaded or executed.
- Indirect Prompt Injection (SAFE): While the skill processes untrusted user input (goal definitions and plans), it possesses no executable capabilities or tool access that could be exploited by such input.
- Ingestion points: User descriptions of goals and plans in
SKILL.md. - Boundary markers: None explicitly defined, but logic is contained within a text-based conversational framework.
- Capability inventory: None (no scripts, network, or file-system write access).
- Sanitization: None required as there are no downstream execution targets.
Audit Metadata