ceo-personal-os

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Tags: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a functional workflow that ingests and processes untrusted data from a local directory.
  • Ingestion points: Instructions in SKILL.md direct the agent to read and summarize document files placed in the ceo-personal-os/uploads/ directory.
  • Boundary markers: None. The instructions do not define delimiters or provide warnings to ignore instructions embedded within the processed content.
  • Capability inventory: The agent is tasked with reading external files, performing summarization, and writing extracted themes to a persistent memory.md file.
  • Sanitization: The skill lacks instructions for the agent to sanitize, validate, or filter the content of the processed files before summarizing or storing insights.
  • [PROMPT_INJECTION]: The skill includes a metadata file (skill-report.json) containing self-referential claims about its own security status.
  • Evidence: The security_audit object within skill-report.json asserts a 'safe' risk level and claims the skill is 'safe to publish'. These claims are analyzed as data and are not treated as authoritative conclusions.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 20, 2026, 01:52 PM
Security Audit — agent-trust-hub — ceo-personal-os