Skills
skills/fabioc-aloha/pbi-visual-assistant/meditation/Gen Agent Trust Hub

meditation

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill extracts information from the active session to create or update instructions and memory files. This creates a surface for indirect prompt injection, as data processed from the session context is persisted into core configuration files.
  • Ingestion points: Active session messages and tool outputs (SKILL.md).
  • Boundary markers: Not specified; the skill does not define delimiters for the extracted content.
  • Capability inventory: Write access to .github/ and /memories/ (SKILL.md).
  • Sanitization: No explicit sanitization or filtering of the persisted content is mentioned.
  • [COMMAND_EXECUTION]: The skill instructions include the creation of .cjs scripts (muscles) in the .github/muscles/ directory to automate identified patterns, representing dynamic code generation from session data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 12:53 PM