telos-guardian
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate project management functions by reading and writing markdown files within the local workspace. Its operations are transparent and consistent with its described purpose, with no evidence of sensitive data access or external communication.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes user-provided data from the 'TELOS.md' file and the project codebase to perform feature evaluations. This is a common vulnerability surface for tools that analyze existing project content.\n
- Ingestion points: 'TELOS.md' file and the project directory structure/source files during architectural scans.\n
- Boundary markers: None specified; file contents are read directly into the context.\n
- Capability inventory: Local file system read and write access.\n
- Sanitization: No explicit validation or filtering of input file content is performed.
Audit Metadata