retro
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate utility for project management by aggregating and summarizing engineering activities. It interacts with specialized One Horizon tools to fetch data and stores the summarized reports in a dedicated local directory.- [SAFE]: Evaluation of the indirect prompt injection surface: 1. Ingestion points: Work summaries, task details, and blocker lists retrieved via One Horizon MCP tools (SKILL.md). 2. Boundary markers: The skill does not define specific delimiters to wrap external content from task titles or descriptions. 3. Capability inventory: Local file operations limited to reading and writing JSON snapshots in the .context/retros/ directory (SKILL.md). 4. Sanitization: No explicit validation or escaping of external content is performed. 5. Assessment: While the skill processes untrusted user-controlled text from task descriptions, the lack of dangerous capabilities (such as shell execution or external network calls using that data) keeps the risk profile minimal.
Audit Metadata