initiative-status

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
[PROMPT_INJECTION] [EXTERNAL_DOWNLOADS]
Full Analysis
  • [PROMPT_INJECTION]: The skill processes content from local documentation files (research, PRDs, specs) and external tool outputs (Linear, Notion). An attacker who can modify these documents could potentially influence the agent's behavior or recommendations through indirect prompt injection.
      • Ingestion points: Local markdown files (research.md, prd.md, etc.) and metadata in pm-workspace-docs/initiatives/, as well as API responses from Linear, PostHog, and Notion.
      • Boundary markers: The instructions do not define clear delimiters or warnings to ignore embedded instructions within the ingested data.
      • Capability inventory: The skill suggests or triggers internal agent commands such as /research, /pm, /design, /proto, /iterate, /validate, and /share based on the analysis.
      • Sanitization: No explicit sanitization or filtering of the content from external files or APIs is performed before processing.
  • [EXTERNAL_DOWNLOADS]: The skill uses the Composio MCP server to enrich status reports with live data from well-known services.
      • Fetches project details and issue statuses from Linear's official API.
      • Retrieves success metrics from PostHog's project insights.
      • Synchronizes project status with Notion pages via the Notion API.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 10:53 AM