okr-capture
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the capture of untrusted user input into local markdown files, which is a surface for indirect prompt injection.
- Ingestion points: User input provided as text or notes in SKILL.md (Phase 1).
- Boundary markers: Present. The skill mandates a confirmation step in Phase 3 and wraps user content in blockquotes within the 'Context gốc' section of the output file.
- Capability inventory: File creation (writing .md files to the .okr/inbox/ directory).
- Sanitization: Absent. User input is stored as provided, though it is visually separated in the markdown structure.
Audit Metadata