document-review
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface. The skill is designed to ingest and process untrusted content from user-generated brainstorm and plan documents.\n
- Ingestion points: SKILL.md Step 1 describes reading files from
docs/brainstorms/ordocs/plans/.\n - Boundary markers: None present; the skill lacks specific delimiters or instructions to ignore commands embedded within the documents being reviewed.\n
- Capability inventory: SKILL.md Step 5 indicates the ability to update documents inline, but no capabilities for network access or subprocess execution were identified.\n
- Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external files.
Audit Metadata