tgravity-work-asset-cards

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes instructions to write Markdown files to the local tgravity-work-data/ directory. This file system access is the core intended purpose of the skill, is restricted to a specific path, and implements a mandatory user confirmation step before any write operation occurs.
  • [PROMPT_INJECTION]: The skill processes untrusted user input (daily reports, oral descriptions) to populate business templates, creating a surface for indirect prompt injection. However, the risk is mitigated by the 'draft-first' workflow and the requirement for Human-In-The-Loop (HITL) markers on sensitive fields like pricing, contracts, and commitments.
  • Ingestion points: User input from conversations or project files used to fill creator, brand, and deal templates in SKILL.md.
  • Boundary markers: The skill explicitly mandates generating a draft first and waiting for user confirmation before saving.
  • Capability inventory: File system write access to tgravity-work-data/ for asset persistence.
  • Sanitization: The skill uses a structured confirmation workflow to ensure human oversight of the generated content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 02:44 AM
Security Audit — agent-trust-hub — tgravity-work-asset-cards