Lore
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill package is composed entirely of Markdown documentation and reference materials. No Python, JavaScript, or shell scripts are present.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks due to its function of harvesting insights from untrusted agent journals and logs. (1) Ingestion points: .agents/*.md, Triage postmortems, and Mend logs. (2) Boundary markers: Present in the form of structured output templates (METAPATTERNS.md) and explicit evidence citation rules. (3) Capability inventory: The skill is restricted to file management and messaging; it lacks shell access or network capabilities. (4) Sanitization: Mitigated by the requirement for 3+ evidence instances for pattern promotion and manual contradiction resolution protocols.
- [SAFE]: The analysis detected no evidence of obfuscation, exfiltration, or persistence mechanisms. External references are limited to well-known research and technical documentation.
Audit Metadata