ljg-invest
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external content, making it vulnerable to indirect prompt injection.
  - Ingestion points: Processes project descriptions, pitch decks (BP), conversation records, and meeting notes provided by users (SKILL.md).
  - Boundary markers: Absent. There are no instructions to use delimiters or to ignore potential instructions embedded within the processed materials.
  - Capability inventory: The skill utilizes a 'Write' tool for file system access and a 'Research skill' or subagent for network-based data retrieval.
  - Sanitization: Absent. The instructions do not specify any validation or filtering for the external inputs before they are analyzed.
- [COMMAND_EXECUTION]: Instructs the agent to use a 'Write' tool to save output files to the ~/Documents/notes/ directory.
- [EXTERNAL_DOWNLOADS]: The skill triggers the use of external 'Research skills' or subagents to fetch the latest financial reports and industry data for analysis.
Audit Metadata