client-proposal
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of Markdown documentation and templates for generating project proposals. It does not contain executable code, binary files, or installation scripts.
- [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file path access, or unauthorized network operations were detected. File system operations are limited to organizing audit results within a local directory.
- [PROMPT_INJECTION]: The skill processes untrusted content from external website audits, which is an attack surface for indirect prompt injection. 1. Ingestion points: Prospect website URLs and content extracted during audits. 2. Boundary markers: Absent in the provided templates. 3. Capability inventory: File system writes to the 'proposal-data/' directory. 4. Sanitization: No specific data validation or escaping is defined in the instructions. This surface is inherent to the skill's intended functionality and does not involve critical capabilities like arbitrary command execution.
Audit Metadata