docs-explorer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill retrieves content from external sources (brain repos and Notion), which provides a surface for indirect prompt injection.\n
- Ingestion points: Brain repository paths and Notion page content specified in SKILL.md.\n
- Boundary markers: Absent; there are no instructions to the agent to distinguish between its own logic and instructions found within documents.\n
- Capability inventory: No code execution or file-write permissions are defined in this skill.\n
- Sanitization: Absent; content is synthesized into the output format without validation.\n- [No Code] (SAFE): The skill definition contains only natural language and markdown templates, with no executable logic or scripts.
Audit Metadata