smart-archive
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill's archival instructions create an indirect prompt injection vulnerability surface. * Ingestion points: Data is ingested from files in the
.ai_state/directory. * Boundary markers: The instructions lack requirements for delimiters when appending data toconventions.md. * Capability inventory: The agent is authorized to move, write, and delete files. * Sanitization: There is no instruction to sanitize or validate content before it is processed. - [NO_CODE]: The skill is composed entirely of natural language instructions and does not provide any code or scripts.
Audit Metadata