paw-ps-software-executor
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill reads data from multiple files within the project directory to establish its operating context, creating a surface for manipulation if these files contain untrusted content.\n
- Ingestion points: Processes configuration from
.pawbytes/config/config.yamland reads curated memory from files such asproduct-context.md,audience-intelligence.md, andmarket-intelligence.md.\n - Boundary markers: The instructions lack explicit delimiters or 'ignore instructions' warnings when interpolating the contents of these external files into the agent's context.\n
- Capability inventory: The skill is designed to perform file system write operations to the
artifacts/anddaily/directories to save its outputs and logs.\n - Sanitization: No evidence of input validation, escaping, or content filtering is present for the data loaded from the memory files.
Audit Metadata