project-quality-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill accepts untrusted content through the 'deliverable' input, which could contain hidden instructions intended to override the agent's logic or force a specific verdict.
- Ingestion points: 'deliverable' variable in SKILL.md.
- Boundary markers: Absent. There are no instructions to encapsulate the deliverable or ignore instructions within it.
- Capability inventory: No code execution or network capabilities were found; the agent only generates Markdown text.
- Sanitization: Absent.
Audit Metadata