pitch-narrative-builder
Pass
Audited by Gen Agent Trust Hub on Jul 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A comprehensive review of the skill's instructions, metadata, and logic revealed no malicious patterns, obfuscation, or unauthorized access to sensitive user information.
- [PROMPT_INJECTION]: The skill interacts with untrusted external data (such as pasted decks and metrics), which presents a surface for indirect prompt injection. This risk is addressed by an explicit instruction to the agent to treat such data as untrusted and to never follow instructions embedded within it. The ingestion points are identified as user-provided traction metrics and deck content; the capability inventory is restricted to local markdown file operations; and sanitization is implemented through prescriptive behavioral constraints.
Audit Metadata