tech-divergence
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill exposes an indirect prompt injection surface because it ingests and acts on untrusted data from external sources.
  - Ingestion points: Data enters the context via the Notion Pattern Library database, codebase searches (SemanticSearch/Grep), and external library documentation retrieved through the Context7 MCP.
  - Boundary markers: Absent. The skill provides no explicit delimiters around retrieved content and no instructions telling the agent to disregard commands embedded in retrieved technical documentation or codebase comments.
  - Capability inventory: The skill can update the Notion database and significantly influence the 'Commit Plan' phase of the agent's workflow.
  - Sanitization: Absent. The skill defines no sanitization or validation steps for content retrieved from external sources before that content is used to calculate technical scores.
Audit Metadata