ln-230-story-prioritizer
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No prompt injection or bypass patterns were detected. The instructions follow a clear, task-oriented workflow for business analysis without attempting to override agent safety protocols or internal constraints.
- [SAFE]: Data exposure risk is minimal. The skill accesses project-specific data (stories and epics) and performs web searches for market data as part of its primary function. It does not attempt to access sensitive system configuration files, private keys, or credentials.
- [SAFE]: No obfuscation or hidden content was found. All analyzed files, including the Markdown instructions and the supporting Node.js runtime scripts, are written in plain text without encoded commands or deceptive characters.
- [SAFE]: The skill does not download or execute untrusted code. It relies on a local set of Node.js scripts for state management and CLI interactions, and it does not use package managers to install external dependencies at runtime.
- [SAFE]: Command execution is limited to benign operations such as creating directories (
mkdir) for documentation storage. No privilege escalation or persistence mechanisms were detected. - [SAFE]: Indirect prompt injection risk is addressed by the skill's structured processing of external research. While it ingests data from web searches and industry reports, the information is used specifically for calculating business metrics and generating project documentation, following established best practices for AI agents performing research tasks.
Audit Metadata