prism
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No security issues detected. The skill is purely informational and contains no executable scripts or commands.- [NO_CODE]: The skill consists entirely of Markdown documentation and prompt templates, eliminating risks associated with code execution or dependency vulnerabilities.- [INDIRECT_PROMPT_INJECTION]: The skill's workflow involves advising users on processing external data (PDFs, URLs, etc.), which represents an indirect injection surface for the target application (NotebookLM).
- Ingestion points: Sources defined in
references/source-preparation.mdincluding PDFs, Google Docs, Web URLs, and YouTube transcripts. - Boundary markers: Absent; templates do not include specific delimiters or safety instructions for input content.
- Capability inventory: None; the skill is explicitly 'no code' and lacks command execution or network capabilities.
- Sanitization: Absent; the skill does not provide guidance on validating or sanitizing source material.
Audit Metadata