skills/edwinhu/workflows/data-context/Gen Agent Trust Hub

data-context

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE; flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to programmatically generate directory structures and write multiple markdown files (SKILL.md, entities.md, etc.) to the local .claude/skills/ path.
  • [PROMPT_INJECTION]: Employs highly directive instructions and 'Iron Laws' (e.g., 'not negotiable', 'YOU MUST') to enforce a rigid state-machine interview process.
  • [PROMPT_INJECTION]: Includes an indirect prompt injection surface as it captures unvalidated user interview data and persists it into executable skill instructions.
      1. Ingestion points: User interview inputs collected via the chat interface.
      2. Boundary markers: No explicit delimiters or safety warnings are included in the generated skill templates.
      3. Capability inventory: Writing new skill files to the local project root.
      4. Sanitization: No evidence of input validation or escaping before data is written to the persistent skill files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 08:06 AM