find-gaps
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a structured, human-in-the-loop process for artifact review. It contains no executable code, remote network operations, or sensitive file access.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes untrusted user-provided artifacts and generates updates based on them. However, the risk is mitigated by explicit instructions to confirm every change with the user.
- Ingestion points: User-provided plans, specs, and design mocks (SKILL.md).
- Boundary markers: None specified in the instructions for separating artifact content from agent instructions.
- Capability inventory: The skill is instructed to write confirmed updates to the source of truth (file, canvas, or document) and uses the
AskUserQuestiontool for interaction. - Sanitization: Relies on a conversational loop and a human reviewer to verify and confirm all proposed artifact updates before they are written to the destination.
Audit Metadata