context-save
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from user conversations and files to populate a persistent registry. This data is later read by other skills, creating a potential vector for stored malicious instructions.\n- Ingestion points: Data is gathered from user inputs, conversation history, and local files read via path.\n- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used when saving content.\n- Capability inventory: The skill performs file read/write operations within the context/ directory.\n- Sanitization: Content is extracted and saved without sanitization or validation.
Audit Metadata