synthesis-project-management
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists of organizational guidelines for maintaining project state in a local workspace. No malicious intent or suspicious patterns were observed.
- [NO_CODE]: No executable code, scripts, or binary files are included in the skill. It relies on the agent following natural language instructions to manage documentation.
- [PROMPT_INJECTION]: The skill describes a process for reading and summarizing project files which could potentially serve as a surface for indirect prompt injection if those files contain untrusted content.
- Ingestion points: The agent is instructed to read 'index.yaml', 'CONTEXT.md', 'REFERENCE.md', and files in the '_lessons/' directory.
- Boundary markers: None explicitly defined in the skill instructions; the agent treats file content as state information.
- Capability inventory: The agent has the capability to read and write files within the specified local workspace ('ai-knowledge-{workspace}/projects/') and potentially perform git commits.
- Sanitization: There are no instructions for sanitizing or validating the content of the project files before the agent processes them.
Audit Metadata