barry-logic-training
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process untrusted user materials, such as emails, reports, and meeting transcripts, which could contain malicious instructions.
- Ingestion points: User-provided text in both 'Exploration' and 'Organization' modes (SKILL.md).
- Boundary markers: Absent. There are no instructions or delimiters used to ensure the agent ignores embedded commands within the analyzed content.
- Capability inventory: Local file system read access (used to retrieve methodology wiki files).
- Sanitization: Absent. The agent processes the raw text provided by the user without validation or filtering.
- [DATA_EXFILTRATION]: The skill instructs the agent to search for and read files from several sensitive paths in the user's home directory (e.g.,
~/.claude/skills/,~/.cursor/skills/). While this is intended to locate thebarry-methodologyresource, scanning common application configuration and skill storage directories can lead to unintended data exposure if the process is manipulated.
Audit Metadata