numerology-fortune
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted user data (full legal names) and stores it in
MEMORY.mdfor later use in system prompts. - Ingestion points: User-provided name and birth date collected via instructions in
SKILL.md. - Boundary markers: Absent. The skill uses standard markdown headers for data organization but lacks explicit delimitation or instructions for the agent to ignore commands within the data.
- Capability inventory: The agent has the ability to read and write to
MEMORY.mdandfortune-hub/MEMORY.md. - Sanitization: No sanitization is performed on the user-provided strings before they are persisted or re-processed.
- [SAFE]: The skill's logic is entirely self-contained within the provided reference files. No external network requests, remote code execution patterns, or unauthorized privilege escalations were detected. The handling of personal data is limited to local storage for the stated purpose of profile caching.
Audit Metadata