Skills
skills/vamseeachanta/workspace-hub/gsd-resume-work/Gen Agent Trust Hub

gsd-resume-work

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Surface for indirect prompt injection through the processing of untrusted project files.
  • Ingestion points: The skill reads and acts upon several workspace files, including STATE.md, .continue-here, PLAN, SUMMARY, and CONTEXT.md (documented in SKILL.md).
  • Boundary markers: The instructions lack explicit delimiters or instructions for the agent to disregard embedded commands within these files.
  • Capability inventory: The skill is configured to use spawn_agent (via Task mapping) and request_user_input (via AskUserQuestion mapping), as specified in the <codex_skill_adapter> block.
  • Sanitization: No sanitization or validation logic is defined for the content ingested from the project files before it influences agent behavior or subagent spawning.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 04:33 AM