delegation
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs routine business analysis and coaching. It reads from a local file (
BUSINESS_CONTEXT.md) to provide tailored advice and writes the resulting audit to thereviews/directory. - [PROMPT_INJECTION]: The skill is theoretically susceptible to indirect prompt injection if the
BUSINESS_CONTEXT.mdfile contains malicious instructions. However, because the skill lacks high-risk capabilities such as network access or shell execution, the impact is negligible. - Ingestion points: Reads
BUSINESS_CONTEXT.mdfrom the project root or current directory. - Boundary markers: None present for the file read operation.
- Capability inventory: Limited to file read and file write (
reviews/delegation-audit-[YYYY-MM-DD].md). No network or subprocess tools are requested or used. - Sanitization: No explicit sanitization or instruction-ignoring delimiters are used when processing the context file content.
Audit Metadata