structure-agenda

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes "which marp" to determine whether the required Marp CLI tool is available on the system.
  • [EXTERNAL_DOWNLOADS]: It suggests the installation of the @marp-team/marp-cli package from the official npm registry, which is a well-known resource for this task.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection through the processing of external data and configuration.
      • Ingestion points: Ingests project data from DISCOVERY.json and external content from URLs specified in the agenda outline via the [Source](url) convention.
      • Boundary markers: No delimiters or protective instructions are used to prevent instructions within ingested data from influencing agent behavior.
      • Capability inventory: The skill has the ability to read, write, and delete files, as well as execute basic shell commands.
      • Sanitization: There is no specified logic for sanitizing or validating content retrieved from external URLs or provided in the discovery file.
  • [COMMAND_EXECUTION]: The RESTART-GUARD.md component allows the agent to delete multiple project files and media directories to prevent inconsistent states. This functionality is protected by user-controlled options and explicit confirmation prompts for permanent media deletion.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 16, 2026, 09:44 AM