forgotten-elements-reminder
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted story data and tracking files. Ingestion points: character-state.json, plot-tracker.json, and story text via Read and Grep. Boundary markers: Absent. Capability inventory: Read and Grep tools; no network or write access. Sanitization: Absent. Severity is low because it only influences reasoning/display for the user.
- [Data Exposure] (SAFE): No exfiltration tools or sensitive system paths are accessed.
- [Remote Code Execution] (SAFE): No remote scripts or dynamic code execution patterns were detected.
Audit Metadata