context-builder
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, unauthorized network access, or dangerous command executions were detected. The skill's behavior is consistent with its stated purpose of facilitating design sprints through local file interaction and user prompts.
- [PROMPT_INJECTION]: The skill ingests data from a local 'context/' directory to build background understanding, which represents a surface for Indirect Prompt Injection. Evidence: (1) Ingestion points: 'context/' folder files and 'context-builder.md'. (2) Boundary markers: Absent. (3) Capability inventory: Local file read/write operations. (4) Sanitization: Absent. The risk is considered safe as the skill lacks high-risk capabilities like network access or arbitrary shell execution.
Audit Metadata