Skills
skills/generaljerel/chalk-skills/create-roadmap/Gen Agent Trust Hub

create-roadmap

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious instructions, obfuscation, or unauthorized remote communications were detected in the skill.
  • [SAFE]: Access is limited to project documentation in the '.chalk/docs/' folder; the skill does not attempt to read sensitive system files, environment variables, or user credentials.
  • [COMMAND_EXECUTION]: The skill uses Read, Write, Glob, and Grep tools for markdown file management but is not capable of shell command execution or running external binaries.
  • [PROMPT_INJECTION]: The skill reads local documentation which could be a source of indirect prompt injection. Ingestion points: '.chalk/docs/product/' and '.chalk/docs/engineering/' (SKILL.md). Boundary markers: Absent. Capability inventory: Read, Write, Glob, and Grep tools (SKILL.md). Sanitization: Absent. The risk is safe given the restricted local scope and lack of network/execution capabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 08:10 AM
Security Audit — agent-trust-hub — create-roadmap