outline
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Vulnerability surface for indirect prompt injection from wiki data. Ingestion points: Content enters the agent context through the 'read', 'search', and 'export' commands which retrieve document text from the Outline API. Boundary markers: Absent; the documentation does not indicate the use of delimiters or 'ignore' instructions to isolate retrieved wiki content. Capability inventory: The skill possesses network access to the Outline API, the ability to write to local files via 'export --output', and modification rights to wiki content via 'create' and 'update' commands. Sanitization: No evidence of input sanitization or validation of the wiki content before presentation to the agent.
Audit Metadata