context-pack
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is purely instructional and does not contain any executable code, scripts, or external dependencies. It utilizes platform configuration to disable external model tool invocation, limiting the execution scope.
- [PROMPT_INJECTION]: The skill handles untrusted data from the conversation history to generate summaries, representing an indirect prompt injection surface. 1. Ingestion points: The current conversation history and user-provided arguments (SKILL.md). 2. Boundary markers: The document structure does not mandate the use of delimiters or 'ignore' instructions for the summarized content. 3. Capability inventory: The skill has the capability to write markdown files to the operating system's temporary storage area. 4. Sanitization: The skill includes clear, mandatory instructions for the agent to redact sensitive information, such as API keys and personally identifiable information, prior to document creation.
Audit Metadata