outline-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes a local Python script at
.codex/skills/outline-builder/scripts/run.pyto automate tasks. This execution is confined to local skill components. - [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data. 1. Ingestion points: Files
outline/taxonomy.ymland those inref/agent-surveys/text/are ingested into the context. 2. Boundary markers: No explicit markers or ignore-instructions are used during interpolation. 3. Capability inventory: The skill possesses file-write capabilities (outline/outline.yml) and command execution for the local script. 4. Sanitization: No input sanitization or validation logic is specified.
Audit Metadata