wiki-setup
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill initializes a workflow for ingesting and processing source materials, which creates a surface for indirect prompt injection.\n
- Ingestion points: The agent reads untrusted data from the
raw/directory as part of the ingest workflow defined inreferences/AGENTS.md.\n - Boundary markers: Absent. There are no instructions in
SKILL.mdorreferences/AGENTS.mdto use specific delimiters or to disregard instructions contained within the source files.\n - Capability inventory: The agent has the capability to read local files, create and modify markdown files in the
wiki/directory, and move files fromraw/toraw/processed/as specified inreferences/AGENTS.md.\n - Sanitization: Absent. No content filtering or validation is instructed before the agent synthesizes external content into the persistent knowledge base.
Audit Metadata