project-workspace
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to perform file system operations, such as creating directory structures and generating Markdown files for project organization.
- Evidence: instructions to create paths like
notes\findings.mdandscreenshots\under a designated project root inSKILL.md. - [EXTERNAL_DOWNLOADS]: The agent is instructed to verify facts and pricing using well-known services to populate documentation artifacts.
- Evidence: instructions to use
official Microsoft Learn,Azure pricing, and theAzure Retail Prices APIinSKILL.md. - [PROMPT_INJECTION]: The skill ingests user-provided topics to generate folder names and content, which creates a surface for indirect prompt injection.
- Ingestion points: User-provided project topic and folder slug in
SKILL.md. - Boundary markers: Absent for the interpolation of untrusted user input into generated file content.
- Capability inventory: File system write access across the project workspace.
- Sanitization: Includes logic to convert informal or Japanese input into structured English kebab-case slugs.
Audit Metadata