remember
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): The skill instructions create an indirect prompt injection vulnerability. 1. Ingestion points: Content is parsed directly from the $ARGUMENTS variable. 2. Boundary markers: No delimiters are specified to isolate user content from the Markdown file structure or frontmatter. 3. Capability inventory: The skill has the capability to write files to the local file system (Obsidians vault). 4. Sanitization: No sanitization or escaping of the user content is performed, allowing potentially malicious instructions to be stored.
- NO_CODE (SAFE): This skill consists solely of Markdown instructions for the agent and does not include any executable code, scripts, or external package dependencies.
Audit Metadata