context-management-context-restore
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is entirely composed of documentation and high-level architectural guidance. No malicious patterns, data exfiltration attempts, or obfuscation were detected.
- [NO_CODE]: No executable scripts (Python, JavaScript, or Shell) are provided within the skill. The code blocks and command-line examples are illustrative and intended for documentation purposes only.
- [PROMPT_INJECTION]: The skill defines an interface for ingesting external data through a 'context_source', which creates a surface for indirect prompt injection.
- Ingestion points: The skill specifies data retrieval from external vector databases or file systems via the 'context_source' and 'project_identifier' parameters.
- Boundary markers: The instructions do not prescribe the use of delimiters or 'ignore' commands for the restored context.
- Capability inventory: The skill does not provide any code or tools that would allow for command execution or network requests based on the restored content.
- Sanitization: No explicit sanitization or validation of the ingested context is described in the provided workflows.
Audit Metadata