decision-gate
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to execute local scripts (scripts/decision_gate.sh and scripts/decision_gate.py) with parameters derived from user input. While intended for interaction, the absence of the scripts themselves prevents a full audit of the execution safety.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8). Evidence: (1) Ingestion points: Untrusted user prompts are consumed to generate gating context. (2) Boundary markers: No delimiters or instructions to ignore embedded commands are specified. (3) Capability inventory: The skill triggers script execution and controls agent workflow redirection. (4) Sanitization: There is no mention of sanitizing or escaping the user-provided content before it is processed by the decision gate.
- [NO_CODE] (INFO): The analysis is based solely on the markdown instructions provided; the implementation scripts mentioned in the mandatory workflow were not included in the skill package.
Audit Metadata