managing-timelines
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): An indirect prompt injection surface exists in the project intake phase where the skill processes untrusted user data. Evidence Chain: 1. Ingestion points:
SKILL.md(Step 1) andreferences/INTAKE.md. 2. Boundary markers: Absent. 3. Capability inventory: No tools or dangerous capabilities (no shell, network, or file operations). 4. Sanitization: Absent. The risk is minimized by the lack of actionable tools.\n- [DATA_EXFILTRATION] (SAFE): No network operations, hardcoded credentials, or access to sensitive local file paths (e.g., ~/.ssh, ~/.aws) were detected.\n- [REMOTE_CODE_EXECUTION] (SAFE): No patterns for remote script execution (curl|bash), dynamic code evaluation (eval/exec), or external package installation were found.\n- [NO_CODE] (SAFE): This skill is entirely instructional and consists of Markdown documentation and templates. No executable code or scripts are included in the package.
Audit Metadata