prioritization
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill files consist entirely of informational markdown documentation and instructional templates for prioritization frameworks (RICE, WSJF, ICE, and MoSCoW). No malicious behavior, obfuscation, or direct prompt injection attempts were identified.
- [NO_CODE]: There are no executable scripts, binaries, or software dependencies associated with this skill, eliminating risks related to unauthorized code execution or dependency-based attacks.
- [PROMPT_INJECTION]: The skill enables external data ingestion via WebFetch and WebSearch tools, creating a surface for indirect prompt injection. 1. Ingestion points: WebFetch and WebSearch tools defined in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Read, Glob, Grep, WebFetch, and WebSearch tools defined in SKILL.md. 4. Sanitization: Absent. No malicious exploitation was observed in the static content.
- [DATA_EXPOSURE_EXFILTRATION]: No hardcoded credentials, access to sensitive environment variables, or unauthorized external data transmission patterns were detected in the skill's metadata or instructional content.
Audit Metadata