1on1s

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill's behavior of reading local context files is consistent with its stated purpose as a management tool.
  • [NO_CODE]: The skill consists entirely of natural language instructions and references; it includes no executable scripts, binaries, or external software dependencies.
  • [PROMPT_INJECTION]: The skill ingests data from local markdown files (.agents/em-context.md and .agents/reports/[name].md). This represents a surface for indirect prompt injection if these files contain malicious content. However, the lack of risky tool capabilities (e.g., shell execution or network access) limits the potential impact to conversational output. Ingestion points: SKILL.md; Boundary markers: Absent; Capability inventory: None; Sanitization: Absent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 14, 2026, 10:46 AM