project-wiki
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data (such as research papers, URLs, and interview transcripts) to generate wiki content. This creates a surface for indirect prompt injection where malicious instructions embedded in those sources could influence the agent's synthesis.
- Ingestion points: Reads files from
wiki/raw/,docs/planning/, and external URLs or text provided by the user. - Boundary markers: None explicitly specified in the instructions to delimit ingested content from system instructions.
- Capability inventory: The agent can read and write markdown files within the repository (
wiki/pages/,AGENTS.md,CLAUDE.md). - Sanitization: No specific sanitization or validation of the content extracted from external sources is mentioned before writing to the wiki.
Audit Metadata