engineer-motivation
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests data from local context files that are automatically updated based on conversation history, establishing a surface for persistent indirect prompt injection.
- Ingestion points: Context is read from .agents/em-context.md and .agents/reports/[name].md.
- Boundary markers: The instructions do not define delimiters or specific constraints to isolate data retrieved from context files.
- Capability inventory: The skill has the capability to read from and automatically update (write to) local files to maintain state.
- Sanitization: No sanitization or validation of the content processed from these files is mentioned.
Audit Metadata