proposal-strategist
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
bashandgittools to perform operations such as executing commands, running tests, and managing file history within the workspace. These capabilities are intended for managing proposal artifacts but represent a broad execution surface. - [PROMPT_INJECTION]: The skill's core workflow involves an 'Opportunity Analysis' phase which deconstructs untrusted external inputs such as 'RFP or opportunity briefs'. This represents an indirect prompt injection surface where malicious instructions embedded in the analyzed documents could attempt to hijack the agent's logic.
- Ingestion points: Processes external 'RFP or opportunity brief' content during the 'Opportunity Analysis' step.
- Boundary markers: None identified; the skill does not define delimiters or provide instructions to ignore embedded commands within the processed data.
- Capability inventory: The skill has access to
bash,git, and file system read/write operations via its defined tools. - Sanitization: No sanitization or validation of the input content is specified in the instructions.
Audit Metadata