mckinsey-7s
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized command execution were detected. The skill is primarily instructional and contains no executable code or scripts.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and original research from McKinsey & Company and ScienceDirect. These are recognized, authoritative sources for business strategy frameworks and do not present a security risk.
- [PROMPT_INJECTION]: The skill functions by ingesting and analyzing untrusted organizational data, creating an indirect prompt injection surface.
- Ingestion points: Workflow sections in
SKILL.mdwhere the agent is prompted to collect strategy memos, org charts, and descriptions of leadership behavior. - Boundary markers: No specific delimiters are mandated for the external data.
- Capability inventory: The skill utilizes
Read,Grep,WebSearch, andWebFetchtools as specified in the frontmatter configuration. - Sanitization: No technical sanitization of ingested content is specified; however, the skill provides clear operational instructions to exclude sensitive personal and business data from analysis.
Audit Metadata