00-andruia-consultant
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for project scaffolding and architectural consulting. It provides a structured workflow for analyzing if a directory is empty or contains existing code, subsequently generating planning documents.
- [INDIRECT_PROMPT_INJECTION]: The skill demonstrates an attack surface for indirect prompt injection as it performs a technical scan of existing project files (e.g., src, package.json).
- Ingestion points: Reads files and structure within the local workspace (SKILL.md, Scenario B).
- Boundary markers: Absent; there are no specific instructions to ignore embedded commands within the files being scanned.
- Capability inventory: The skill has the capability to write local Markdown files (tareas.md, plan_implementacion.md) and suggest the use of other agent skills. It does not possess network access or arbitrary code execution capabilities.
- Sanitization: None specified for the content read from the workspace.
- Risk Assessment: Given that the capabilities are limited to local documentation generation, the risk is minimal.
Audit Metadata