project-cognitive-loop

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data (project context and triggers), which creates a potential surface for indirect prompt injection attacks where data-embedded instructions could influence agent behavior.
    • Ingestion points: Input via 'Project stage context, trigger event, and optional governance scope' in SKILL.md.
    • Boundary markers: None identified; no explicit instructions are provided to the agent to treat this input as non-executable or to ignore embedded commands.
    • Capability inventory: Capability to write files to 'docs/calibration/' and orchestrate other atomic skills. No network or system-level execution capabilities are present in the skill definition.
    • Sanitization: No validation or filtering logic is defined for the input data before it is processed or included in the final report.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 03:08 AM