sred-project-organizer
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill follows a legitimate workflow for project organization and tax incentive preparation. It uses local reference files and official templates provided by the vendor (getsentry) and the Canadian government. No evidence of obfuscation, malicious network operations, or credential harvesting was found.\n- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes content from untrusted external sources (Notion docs, GitHub PRs, and Linear tickets).\n
- Ingestion points: Processes the Work Summary Notion document, individual Notion docs for projects, GitHub Pull Requests, and Linear tickets.\n
- Boundary markers: None specified in the instructions to distinguish between instructions and data in the ingested content.\n
- Capability inventory: Creating and writing to Notion documents (via MCP), and reading from GitHub and Linear.\n
- Sanitization: No explicit sanitization or filtering of external content is mentioned.\n
- Assessment: This risk is considered safe within the context of the skill's primary purpose. The workflow incorporates several manual human-in-the-loop steps (Steps 3, 5.3, 5.4, and 5.8) requiring the user to review and confirm all identified projects, uncertainties, and generated summaries before the skill proceeds.\n- [COMMAND_EXECUTION]: The skill optionally uses the
ghCLI tool to fetch pull request data. This is a standard and transparent use of developer tooling for a productivity skill focused on project aggregation.
Audit Metadata