context-recall
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from various internal files to provide historical context, creating a surface for indirect prompt injection where instructions embedded in those files could influence agent behavior.\n
- Ingestion points: The skill reads and parses multiple files from the context/ directory, including context/index.json and markdown indexes in context/decisions/, context/bets/, context/assumptions/, context/learnings/, context/portfolio/, and context/documents/.\n
- Boundary markers: The instructions do not specify the use of clear delimiters or explicit directives to ignore any instructions found within the retrieved data.\n
- Capability inventory: The skill is restricted to information retrieval and synthesis; it does not have capabilities for command execution, file system modification, or network communication.\n
- Sanitization: No sanitization or validation routines are defined for the content extracted from the external context files before processing.
Audit Metadata