implementation-intention-designer
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses instructional markers like 'IMPORTANT' to emphasize specificity in the 'if-then' plans. These are benign and intended for guiding the model's logic, not for bypassing safety filters or overriding system instructions.
- [DATA_EXFILTRATION]: No network operations (curl, wget, etc.) or access to sensitive local file paths (e.g., .ssh, .aws, credentials) are present in the prompt or metadata.
- [COMMAND_EXECUTION]: The skill is designed strictly for text generation and does not invoke shell commands, subprocesses, or system-level APIs.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external sources via variables like
student_profiles. While this represents a theoretical ingestion surface for untrusted content, the skill lacks the capability to execute commands or perform network operations, limiting the impact to text-based context manipulation within the LLM session. - [OBFUSCATION]: The content is entirely in plain text with no evidence of Base64, hex encoding, zero-width characters, or hidden acrostics.
Audit Metadata