three-horizons

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFENO_CODE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill's functionality is limited to reasoning and documentation.
  • [NO_CODE]: The skill consists entirely of markdown and JSON metadata; no executable scripts (Python, Node.js) are included.
  • [EXTERNAL_DOWNLOADS]: The skill references several external URLs for framework grounding, such as McKinsey, HBR, and BCG. These are well-known professional organizations, and the references are informational rather than executable.
  • [PROMPT_INJECTION]: The skill processes untrusted user-supplied data in the form of business initiative lists for classification.
  • Ingestion points: Initiative mapping workflow in SKILL.md.
  • Boundary markers: None identified in the prompt templates.
  • Capability inventory: Access to Read, Grep, WebSearch, and WebFetch tools.
  • Sanitization: No explicit sanitization or input validation for initiative data is provided.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 04:36 AM
Security Audit — agent-trust-hub — three-horizons