participation-warmup-planner
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes external community rules and user-provided screenshots or text pastes, which creates a potential surface for indirect prompt injection attacks.
- Ingestion points: Data enters via rule pages, moderator statements, and user exports processed in SKILL.md.
- Boundary markers: The instructions include a clear security directive to treat all such data as untrusted and prevent it from rewriting guardrails or authorizing state transitions.
- Capability inventory: The skill's capabilities are restricted to document generation and writing candidate records to local memory files. It does not perform automated network posts or arbitrary shell commands.
- Sanitization: The skill produces human-readable plans and requires testable evidence for channel graduation, ensuring that the output is subject to verification.
- [COMMAND_EXECUTION]: The skill utilizes localized Python scripts (e.g., discourse.py, hn.py) to fetch community data. These tools are restricted to reading public surfaces and do not require user credentials, minimizing the risk of credential exposure or unauthorized execution.
Audit Metadata