bear-hunter-system
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing untrusted user content.
  1. Ingestion points: Phase 0 ('What are we learning? Drop your topic, notes, or material').
  2. Boundary markers: Absent from the instructions.
  3. Capability inventory: Limited to text analysis and Mermaid diagram generation; no access to subprocesses, file writes, or network operations.
  4. Sanitization: No specific input validation or escaping mentioned.
- [SAFE]: No obfuscation, hardcoded credentials, or persistence mechanisms were detected. The skill is entirely instruction-based and operates within the bounds of text-to-diagram generation.
- [EXTERNAL_DOWNLOADS]: No remote scripts or external package dependencies identified.