wiki-setup

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill initializes a workflow for ingesting and processing source materials, which creates a surface for indirect prompt injection.\n
  • Ingestion points: The agent reads untrusted data from the raw/ directory as part of the ingest workflow defined in references/AGENTS.md.\n
  • Boundary markers: Absent. There are no instructions in SKILL.md or references/AGENTS.md to use specific delimiters or to disregard instructions contained within the source files.\n
  • Capability inventory: The agent has the capability to read local files, create and modify markdown files in the wiki/ directory, and move files from raw/ to raw/processed/ as specified in references/AGENTS.md.\n
  • Sanitization: Absent. No content filtering or validation is instructed before the agent synthesizes external content into the persistent knowledge base.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 11:08 PM
Security Audit — agent-trust-hub — wiki-setup