premortem
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill is designed to scan the user's workspace for project context, specifically looking for files like
CLAUDE.mdand directories such asmemory/. This file access is transparently described and essential for grounding its risk analysis in actual project details. - [COMMAND_EXECUTION]: The instructions direct the agent to generate and then open an HTML report (
premortem-report-[timestamp].html). This involves standard file-writing and file-opening operations used to present results to the user. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests data from external project files and interpolates it into prompts for sub-agents.
- Ingestion points: Workspace files (identified in
SKILL.mdunder Step 1: scan for existing context). - Boundary markers: The sub-agent prompt template uses
---delimiters, though it lacks explicit warnings to ignore instructions within the project data. - Capability inventory: Uses
GlobandReadfor discovery, andWritefollowed byOpenfor report delivery. - Sanitization: No explicit sanitization of the file content is performed before it is processed by sub-agents.
Audit Metadata