foundry-note

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill processes untrusted data from an external source (the intake queue).
    • Ingestion points: The intake-list action in SKILL.md retrieves items whose titles and descriptions are attacker-controllable.
    • Boundary markers: None identified. The skill gives the agent no instruction to ignore the content of intake items or to treat it as data only.
    • Capability inventory: The skill can modify local state via the intake-add, intake-dismiss, and task-add actions.
    • Sanitization: There is no evidence that retrieved intake items are sanitized or filtered before they are presented to the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 09:06 AM