project-stewardship

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • Prompt Injection (SAFE): The instructions are focused on project management logic. No bypass patterns, role-play instructions (DAN), or system prompt extraction attempts were detected.
  • Data Exposure & Exfiltration (SAFE): The skill only interacts with local project artifacts (markdown files) and does not reference sensitive system paths, credentials, or perform network requests.
  • Unverifiable Dependencies (SAFE): This is a 'No Code' skill. It does not include or install any external packages or execute remote scripts.
  • Indirect Prompt Injection (LOW):
      • Ingestion points: The skill ingests untrusted data via latest_updates and observations fields.
      • Boundary markers: Absent; there are no delimiters separating external input from internal instructions.
      • Capability inventory: None; the skill does not have access to subprocesses, network calls, or file-system writing outside of the specified project documents.
      • Sanitization: Absent; input is processed directly into the project log.
      • Risk: While the surface exists, the lack of dangerous capabilities limits the impact to purely informational manipulation of the project status.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 09:24 PM