insight-recaller
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of markdown-based instructions for the AI agent and does not include any scripts, executables, or commands.- [NO_CODE]: No programming code (Python, JavaScript, etc.) or shell scripts are present in the provided skill files.- [PROMPT_INJECTION]: The skill is intended to process 'old WPS notes' as input, which constitutes a data ingestion surface for indirect prompt injection. However, the risk is negligible because the skill lacks the capability to execute commands, access the network, or modify the underlying system.
- Ingestion points: 'old WPS notes' defined in the Inputs section of SKILL.md.
- Boundary markers: Not present; the instructions do not explicitly tell the agent to ignore instructions embedded within the notes.
- Capability inventory: None; the skill has no access to subprocesses, file-system writes, or network tools.
- Sanitization: None; the skill does not specify any validation or filtering of the input data.
Audit Metadata