record-verdict
Pass
Audited by Gen Agent Trust Hub on Jul 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious activities such as data exfiltration, remote code execution, or persistence mechanisms were found. The skill is localized to specific metadata management tasks.
- [PROMPT_INJECTION]: The skill operates on potentially untrusted artifact files, which represents an indirect prompt injection surface. However, the instructions explicitly forbid the agent from judging or being influenced by the artifact's content, maintaining the agent's role as a clerical recorder of human decisions.
- Ingestion points: Artifact files at paths provided by the user (e.g., proposals, specs).
- Boundary markers: Not utilized.
- Capability inventory: Limited to reading files and updating YAML frontmatter 'status' fields.
- Sanitization: No explicit sanitization of artifact content is performed as the content is not executed or evaluated.
Audit Metadata