stakeholder-update
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions designed to override the agent's core safety protocols or bypass system constraints were identified. The guidelines provided are consistent with the stated purpose of professional communication.
- [DATA_EXFILTRATION] (SAFE): There are no network-related commands (like curl or fetch) and no access patterns for sensitive local files or directories.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill contains no scripts, shell commands, or external package dependencies. It consists entirely of markdown-based instructions.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to process external project data provided by the user. However, since the skill has no capability to execute code, write to the filesystem, or communicate over the network, the risk of an injection attack causing harm is negligible.
- [OBFUSCATION] (SAFE): No encoded strings, homoglyphs, zero-width characters, or hidden content were detected. All text is human-readable markdown.
Audit Metadata