stocktake
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs read-only audits on the agent's own skills directory and saves results to a local cache. It explicitly requires user confirmation for any actions that would modify or delete files.
- [PROMPT_INJECTION]: The skill processes content from other skills during its quality evaluation phase, creating a surface for indirect prompt injection. This is an inherent property of auditing tools, and the skill mitigates impact by requiring human-in-the-loop confirmation.
- Ingestion points: The audit reads all file contents within the 'skills/' folder.
- Boundary markers: None specified in the instructions for the evaluation agent.
- Capability inventory: Limited to file system reads and writing a JSON results file.
- Sanitization: Results are presented to the user for verification before any further steps are taken.
Audit Metadata