postmortem-writing
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements a 'Memory Protocol' that mandates the agent to persist 'learnings', 'issues', and 'decisions' into local storage files (.claude/context/memory/). This creates a vulnerability to indirect prompt injection where malicious instructions embedded in incident data could be persisted into the agent's long-term context.
  - Ingestion points: Incident data, logs, and user reports processed in SKILL.md.
  - Boundary markers: None present in the provided templates.
  - Capability inventory: The skill explicitly lists the Write tool.
  - Sanitization: No sanitization or 'ignore instructions' warnings for external content are provided.
- [PROMPT_INJECTION]: The skill uses authoritative language such as 'Iron Laws' and 'MANDATORY' protocols in SKILL.md, combined with a command file (commands/postmortem-writing.md) that instructs the agent to 'follow it exactly as presented to you', which attempts to override default agent behavioral constraints.
Audit Metadata