initiative-summary
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or sensitive data access were detected. The skill uses standard MCP tools from the vendor.
- [PROMPT_INJECTION]: The skill possesses a data ingestion surface in SKILL.md where external JSON data is passed to the summary tool. Evidence chain: 1. Ingestion point: 'initiatives' argument in tool call; 2. Boundary markers: Absent; 3. Capability inventory: No dangerous subprocess, network, or file operations; 4. Sanitization: Not specified. This represents a surface for indirect prompt injection but is safe due to the lack of exploitable tools.
Audit Metadata