propose
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill retrieves potentially untrusted data through web research and codebase investigation to inform the proposal (SKILL.md, Section 2).
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat data from research sources as distinct from its core instructions.
- Capability inventory: The skill has the capability to write markdown files (`proposal.md`) to the local filesystem at `~/.agent-skills/changes/` (SKILL.md, Section 5).
- Sanitization: No sanitization, validation, or filtering of the gathered external content is performed before it is integrated into the proposal generation process.
Audit Metadata