format-note
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface exists during the 'Analyse content' phase.
  * Ingestion points: Note files are read from the 'unpublished/' directory.
  * Boundary markers: No delimiters or ignore instructions are used to isolate note content from instructions.
  * Capability inventory: The agent is tasked with writing to the vault and daily notes based on analysis results.
  * Sanitization: Note content is not sanitized or escaped before processing.
- [NO_CODE]: The skill consists entirely of markdown instructions and does not include any executable scripts, binaries, or configuration files, which limits the risk of direct code execution.
Audit Metadata