developmental-progression-synthesis
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No attempts to override safety filters, bypass constraints, or extract system prompts were detected. The skill uses standard instructional language for its intended purpose.
- [DATA_EXFILTRATION]: No network access commands (curl, wget) or sensitive file path references (e.g., .ssh, .env) were found. The skill operates solely on text provided in the user input.
- [REMOTE_CODE_EXECUTION]: No patterns of remote script execution or package installation were identified. The skill's frontmatter explicitly disables model invocation, preventing the AI from calling external tools or code execution environments.
- [COMMAND_EXECUTION]: No shell commands or system-level scripts are included in the instructions. The skill is purely generative text processing.
- [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: The skill ingests untrusted data via the
kud_chartsandcompetency_structurevariables in SKILL.md. - Boundary markers: The prompt uses clear structural headers to separate instructions from data, though it does not include explicit delimiters for the input variables.
- Capability inventory: The skill has no capability for tool execution, file access, or network calls, as restricted by the
disable-model-invocation: truesetting. - Sanitization: No explicit sanitization of input data is performed.
- Conclusion: While the skill processes untrusted input, the lack of executable capabilities makes the indirect prompt injection surface non-exploitable.
Audit Metadata