Skills
skills/product-on-purpose/pm-skills/iterate-retrospective/Gen Agent Trust Hub

iterate-retrospective

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected across the analyzed files. The skill is composed entirely of facilitation instructions and templates.
  • [PROMPT_INJECTION]: Facilitation steps focus on legitimate project management goals and do not contain patterns intended to bypass agent safety filters or override behavior.
  • [DATA_EXFILTRATION]: No commands or code for accessing sensitive local files or performing network exfiltration were found.
  • [REMOTE_CODE_EXECUTION]: The skill does not download external scripts or install third-party packages.
  • [PROMPT_INJECTION]: Indirect Prompt Injection surface analysis:
  • Ingestion points: Team member observations and feedback gathered during the retrospective (referenced in SKILL.md and TEMPLATE.md).
  • Boundary markers: Markdown headers are used for organization, but no explicit 'ignore embedded instructions' warnings are present.
  • Capability inventory: No dangerous tools, shell commands, or file-writing operations are defined within the skill.
  • Sanitization: No input sanitization or validation logic is specified for the captured retrospective data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 12:45 PM